60 matches found
CVE-2022-38349
An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...
CVE-2022-37050
CVE-2022-37050 affects Poppler 22.07.0 and is a crash/DoS in PDFDoc::savePageAs (PDFDoc.c) caused by mishandling the xref data structure during getCatalog processing; it is described as stemming from an incomplete patch to CVE-2018-20662. Connected sources confirm this CVE and show multiple advis...
CVE-2022-38349
An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...
CVE-2022-38349
An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...
CVE-2022-37050
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...
CVE-2023-26930
Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”...
CVE-2023-26930
Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”...
CVE-2023-26930
Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”...
CVE-2023-26930
Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”...
CVE-2023-26930
CVE-2023-26930 affects XPDF 4.04 and potentially earlier builds. The vulnerability is a buffer overflow in the PDF processing path (PDFDoc malloc in pdftotext.cc) that can cause a Denial of Service. Vendor notes it is an “expected abort on out-of-memory error.” Public advisories from SUSE/PTSecur...
CVE-2023-26930
Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”...
CVE-2023-26930
Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”...
CVE-2023-26930
Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”...
EulerOS 2.0 SP2 : poppler (EulerOS-SA-2021-2425)
According to the versions of the poppler packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find located at...
The vulnerability of the PDFDoc::setup function in the PDFDoc.cc component of the Poppler PDF rendering library, related to a lack of input validation mechanism, allows attackers to cause service failures.
The vulnerability of the PDFDoc::setup function in the PDFDoc.cc component of the Poppler PDF rendering library leads to the return of an incorrect value. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially created PDF file...
OSV-2021-813 Use-of-uninitialized-value in StandardSecurityHandler::StandardSecurityHandler
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34778 Crash type: Use-of-uninitialized-value Crash state: StandardSecurityHandler::StandardSecurityHandler SecurityHandler::make PDFDoc::checkEncryption...
Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2019-1827)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-20662
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing...
RHEL 8 : poppler (RHSA-2019:2713)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2713 advisory. Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: heap-based buffer...
poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing...