Lucene search
K

21 matches found

Mageia
Mageia
added 2025/07/25 9:48 p.m.4 views

Updated poppler packages fix security vulnerabilities

poppler uses std::atomicint for reference counting. Because it is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free...

6.9CVSS7.5AI score0.00371EPSS
Exploits1References2
OSV
OSV
added 2025/05/05 4:57 a.m.5 views

MGASA-2025-0143 Updated poppler packages fix security vulnerability

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries. CVE-2025-43903...

4.3CVSS6.1AI score0.00092EPSS
Exploits0References3
OSV
OSV
added 2025/04/12 4:23 a.m.13 views

MGASA-2025-0134 Updated poppler packages fix security vulnerabilities

A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INTMIN. CVE-2025-32364 Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine...

7.1CVSS6.5AI score0.00218EPSS
Exploits2References4
Mageia
Mageia
added 2025/04/12 4:23 a.m.36 views

Updated poppler packages fix security vulnerabilities

A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INTMIN. CVE-2025-32364 Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine...

7.1CVSS6.7AI score0.00218EPSS
Exploits2References3
Mageia
Mageia
added 2025/01/24 7:46 p.m.15 views

Updated poppler packages fix security vulnerability

libpoppler.so has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc. CVE-2024-56378...

4.3CVSS6.8AI score0.0062EPSS
Exploits1References2
OSV
OSV
added 2025/01/24 7:46 p.m.6 views

MGASA-2025-0022 Updated poppler packages fix security vulnerability

libpoppler.so has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc. CVE-2024-56378...

4.3CVSS4.4AI score0.0062EPSS
Exploits1References3
OSV
OSV
added 2024/07/10 6:1 p.m.8 views

MGASA-2024-0260 Updated poppler packages fix security vulnerability

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service. CVE-2024-6239...

7.5CVSS7.1AI score0.00785EPSS
Exploits0References3
OSV
OSV
added 2024/06/14 1:31 a.m.3 views

MGASA-2024-0218 Updated poppler packages fix security vulnerability

Out-of-bounds array write. CVE-2024-4141...

5.5CVSS5.4AI score0.0018EPSS
Exploits0References3
OSV
OSV
added 2023/09/11 1:7 p.m.6 views

MGASA-2023-0262 Updated poppler packages fix security vulnerability

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service DoS via crafted .pdf file to FoFiType1C::cvtGlyph function. CVE-2020-36023 An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial...

6.5CVSS5.7AI score0.00927EPSS
Exploits2References3
OSV
OSV
added 2022/10/23 10:48 p.m.5 views

MGASA-2022-0386 Updated poppler packages fix security vulnerability

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...

7.8CVSS7.7AI score0.00574EPSS
Exploits1References8
OSV
OSV
added 2022/08/13 2:32 a.m.4 views

MGASA-2022-0282 Updated poppler packages fix security vulnerability

A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service DoS via a crafted PDF file. CVE-2022-27337...

6.5CVSS6.2AI score0.01547EPSS
Exploits1References3
OSV
OSV
added 2020/12/03 9:54 a.m.7 views

MGASA-2020-0445 Updated poppler packages fix a security vulnerability

buffer overflow in pdftohtml could result in a DoS CVE-2020-27778...

7.5CVSS7.8AI score0.02174EPSS
Exploits1References3
OSV
OSV
added 2019/03/29 3:51 p.m.9 views

MGASA-2019-0117 Updated poppler packages fix security vulnerabilities

The updated poppler packages fix security vulnerabilities: In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data...

8.8CVSS6.8AI score0.03473EPSS
Exploits1References3
OSV
OSV
added 2018/12/31 10:42 p.m.7 views

MGASA-2018-0498 Updated poppler packages fix security vulnerability

Poppler before 0.70.0 has a NULL pointer dereference in popplerattachmentnew when called from popplerannotfileattachmentgetattachment. CVE-2018-19149...

6.5CVSS7AI score0.0274EPSS
Exploits1References3
OSV
OSV
added 2018/08/31 9:11 p.m.5 views

MGASA-2018-0358 Updated poppler packages fix security vulnerability

The updated packages fix a security vulnerability: Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be...

6.5CVSS7.1AI score0.0315EPSS
Exploits1References2
OSV
OSV
added 2018/01/14 4:54 p.m.7 views

MGASA-2018-0083 Updated poppler packages fix security vulnerability

freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations CVE-2017-1000456...

8.8CVSS8.7AI score0.01968EPSS
Exploits1References3
Mageia
Mageia
added 2018/01/11 7:36 p.m.34 views

Updated poppler packages fix security vulnerability

freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations. CVE-2017-1000456...

8.8CVSS2.3AI score0.01968EPSS
Exploits1References2
OSV
OSV
added 2018/01/11 7:36 p.m.6 views

MGASA-2018-0068 Updated poppler packages fix security vulnerability

freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations. CVE-2017-1000456...

8.8CVSS8.7AI score0.01968EPSS
Exploits1References3
OSV
OSV
added 2016/04/21 2:52 p.m.2 views

MGASA-2016-0145 Updated poppler packages fix security vulnerabilities

Updated poppler packages fix security vulnerability: A heap buffer overflow vulnerability was found in the poppler library. A maliciously crafted file could cause the application to crash fdo93476...

7.7AI score
Exploits0References4
OSV
OSV
added 2013/11/20 8:28 p.m.9 views

MGASA-2013-0332 Updated poppler packages fix multiple vulnerabilities

Updated poppler packages fix security vulnerabilities: Poppler is found to be affected by a stack based buffer overflow vulnerability in the pdfseparate utility. Successfully exploiting this issue could allow remote attackers to execute arbitrary code in the context of the affected application...

7.5CVSS8AI score0.10483EPSS
Exploits1References3
Rows per page
Query Builder