Unity Linux 20.1070e Security Update: poppler (UTSA-2026-017695)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017695 advisory. A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that,...

Linux Distros Unpatched Vulnerability : CVE-2020-24996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an invalid memory access in the function TextString::TextString located in Catalog.cc in Xpdf 4.0.2. It can be triggered by for example sending a craft...

SUSE CVE-2018-18651

An issue was discovered in Xpdf 4.00. catalog-getNumPages in AcroForm.cc allows attackers to launch a denial of service hang caused by large loop via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the file...

SUSE CVE-2018-18650

An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service Integer Overflow via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of...

UBUNTU-CVE-2018-8100

The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml...

UBUNTU-CVE-2018-7453

Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml...