Lucene search
K

60 matches found

OSV
OSV
added 2023/08/22 12:0 a.m.38 views

CVE-2022-38349

An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...

6.5CVSS6.9AI score0.00902EPSS
Exploits1References5
CVE
CVE
added 2023/08/22 12:0 a.m.402 views

CVE-2022-37050

CVE-2022-37050 affects Poppler 22.07.0 and is a crash/DoS in PDFDoc::savePageAs (PDFDoc.c) caused by mishandling the xref data structure during getCatalog processing; it is described as stemming from an incomplete patch to CVE-2018-20662. Connected sources confirm this CVE and show multiple advis...

6.5CVSS6.5AI score0.00921EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/22 12:0 a.m.26 views

CVE-2022-38349

An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...

6.5AI score0.00902EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2023/08/22 12:0 a.m.28 views

CVE-2022-38349

An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...

6.5CVSS6.5AI score0.00902EPSS
Exploits1
Debian CVE
Debian CVE
added 2023/08/22 12:0 a.m.30 views

CVE-2022-37050

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...

6.5CVSS6.8AI score0.00921EPSS
Exploits1
OSV
OSV
added 2023/04/26 7:15 p.m.5 views

CVE-2023-26930

Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”...

5.5CVSS6.7AI score0.00336EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/04/26 7:15 p.m.2 views

CVE-2023-26930

Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”...

5.5CVSS6.6AI score0.00336EPSS
Exploits1References3
NVD
NVD
added 2023/04/26 7:15 p.m.10 views

CVE-2023-26930

Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”...

5.5CVSS5.4AI score0.00336EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2023/04/26 7:15 p.m.22 views

CVE-2023-26930

Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”...

5.5CVSS6.8AI score0.00336EPSS
Exploits1References3
CVE
CVE
added 2023/04/26 12:0 a.m.56 views

CVE-2023-26930

CVE-2023-26930 affects XPDF 4.04 and potentially earlier builds. The vulnerability is a buffer overflow in the PDF processing path (PDFDoc malloc in pdftotext.cc) that can cause a Denial of Service. Vendor notes it is an “expected abort on out-of-memory error.” Public advisories from SUSE/PTSecur...

5.5CVSS5.4AI score0.00336EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/04/26 12:0 a.m.18 views

CVE-2023-26930

Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”...

5.7AI score0.00336EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2023/04/26 12:0 a.m.25 views

CVE-2023-26930

Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”...

5.5CVSS5.4AI score0.00336EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2023/04/26 12:0 a.m.20 views

CVE-2023-26930

Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”...

5.5CVSS5.5AI score0.00336EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/09/14 12:0 a.m.35 views

EulerOS 2.0 SP2 : poppler (EulerOS-SA-2021-2425)

According to the versions of the poppler packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find located at...

6.5CVSS6.4AI score0.02682EPSS
Exploits6References9
BDU FSTEC
BDU FSTEC
added 2021/07/07 12:0 a.m.6 views

The vulnerability of the PDFDoc::setup function in the PDFDoc.cc component of the Poppler PDF rendering library, related to a lack of input validation mechanism, allows attackers to cause service failures.

The vulnerability of the PDFDoc::setup function in the PDFDoc.cc component of the Poppler PDF rendering library leads to the return of an incorrect value. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially created PDF file...

6.5CVSS6.6AI score0.02243EPSS
Exploits0References10Affected Software3
OSV
OSV
added 2021/05/30 12:0 a.m.8 views

OSV-2021-813 Use-of-uninitialized-value in StandardSecurityHandler::StandardSecurityHandler

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34778 Crash type: Use-of-uninitialized-value Crash state: StandardSecurityHandler::StandardSecurityHandler SecurityHandler::make PDFDoc::checkEncryption...

7.2AI score
Exploits0References1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2019-1827)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.7AI score0.03518EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2019/10/08 11:16 p.m.32 views

CVE-2018-20662

In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing...

6.5CVSS3.7AI score0.02243EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/09/16 12:0 a.m.52 views

RHEL 8 : poppler (RHSA-2019:2713)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2713 advisory. Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: heap-based buffer...

9.8CVSS7.2AI score0.03518EPSS
Exploits8References27
RedHat Linux
RedHat Linux
added 2019/09/12 12:17 p.m.2 views

poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc

In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing...

6.5CVSS5.8AI score0.02243EPSS
Exploits0References4
Rows per page
Query Builder