Astra Linux - уязвимость в poppler-22, poppler

A issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h; this could lead to a denial of service. This issue arises because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...

Astra Linux - уязвимость в poppler

In Poppler 0.74.0, the PDFDoc::markObject method in PDFDoc.cc mishandles dict marking, resulting in stack consumption in the Dict::find function located in Dict.cc. This issue can be triggered by passing a malicious PDF file to the pdfunite binary...

EUVD-2022-40939

Malicious code in bioql PyPI...

Buffer Overflow

XPDF is vulnerable to a Buffer Overflow vulnerability. The vulnerability is due to an attacker being able to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. However, the vendor states that it's an expected abort on out-of-memory error...

SUSE: Security Advisory (SUSE-SU-2023:4942-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:4942-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2018-20662: PDFDoc setup in PDFDoc.cc allows attackers to cause DOS because of a wrong return value from PDFDoc:setup bsc1120956...

openSUSE 15 Security Update : poppler (SUSE-SU-2023:4690-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2023:4690-1 advisory. - In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wron...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : poppler (SUSE-SU-2023:3947-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3947-1 advisory. - In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a...

ROS-20230918-04

A vulnerability in the Poppler PDF rendering library is related to the lack of thread checking before saving the embedded main function file in pdfunite.cc. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the Poppler PDF...

OESA-2023-1613 poppler security update

Poppler is a free software utility library for rendering Portable Document Format PDF documents. \ Its development is supported by freedesktop.org. It is commonly used on Linux systems,and is used by \ the PDF viewers of the open source GNOME and KDE desktop environments. Security Fixes:...

Amazon Linux 2 : poppler (ALAS-2023-2243)

The version of poppler installed on the remote host is prior to 0.26.5-43. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2243 advisory. Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service...

SUSE CVE-2022-38349

An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...

CVE-2022-38349

An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...

CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

CVE-2022-38349

An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...

Code injection

An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...

CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

Design/Logic Flaw

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the PDFDoc::savePageAs function in PDFDoc.c, by crafting a PDF file that mishandles the xref data structure in getCatalog processing. Details Denial of Service DoS describes a family of attacks, all aimed at...