Security update for poppler

This update for poppler fixes the following issues: CVE-2025-43718: Fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files allows for stack exhaustion and denial of service bsc1250908. CVE-2025-52885: Fixed raw pointers can lead to dangling...

EUVD-2011-0358

Malware in sbrugna...

EUVD-2015-1423

Malware in sbrugna...

EUVD-2009-4741

Malware in sbrugna...

EUVD-2018-8321

Malware in sbrugna...

EUVD-2013-3420

Malware in sbrugna...

EUVD-2017-6403

Malware in sbrugna...

EUVD-2017-6714

Malware in sbrugna...

EUVD-2008-2039

Malware in sbrugna...

EUVD-2009-1182

Malware in sbrugna...

EUVD-2017-1444

Malware in sbrugna...

EUVD-2024-31840

Malicious code in bioql PyPI...

CVE-2013-3485

Multiple untrusted search path vulnerabilities in Soda PDF 5.1.183.10520 allow local users to gain privileges via a Trojan horse 1 dwmapi.dll or 2 api-ms-win-core-localregistry-l1-1-0.dll file in the current working directory...

SUSE CVE-2012-2875

Multiple unspecified vulnerabilities in the PDF functionality in Google Chrome before 22.0.1229.79 allow remote attackers to have an unknown impact via a crafted document...

Vulnerabilities found in Xpdf

Vulnerabilities have been fixed in Xpdf. The vulnerabilities allow a malicious person to cause a denial-of-service. For the vulnerabilities, Proof-of-Concept code is publicly available. The developers of Xpdf give no indication that any actively observed misuse as well. At the time of writing thi...

openSUSE 15 Security Update : poppler (openSUSE-SU-2021:3854-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3854-1 advisory. - The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service...

Falsifying and weaponizing certified PDFs

The Portable Document Format PDF file type is one of the most common file formats in use today. Its value comes from the fact that PDFs always print the same way, and that PDFs are supposed to be read-only unlike a Word document, say, which is designed to be easy to edit. This immutability can be...

SUSE-SU-2018:1691-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2017-14977: Fixed a NULL pointer dereference vulnerability in the FoFiTrueType::getCFFBlock function in FoFiTrueType.cc that occurred due to lack of validation of a table pointer, which allows an attacker to launch a denial of service...

USN-3350-1: poppler vulnerabilities

Aleksandar Nikolic discovered that poppler incorrectly handled JPEG 2000 images. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. CVE-2017-28...

Foxit Patches 12 Vulnerabilities, 8 That Could Lead to RCE

Foxit patched a dozen vulnerabilities in its PDF reader software this week, more than half of which could allow an attacker to directly execute arbitrary code on vulnerable installations of the product. The company released version 8.0 of its Foxit Reader and Foxit PhantomPDF on Monday, addressin...