53 matches found
SUSE CVE-2025-59933
libvips is a demand-driven, horizontally threaded image processing library. For versions 8.17.1 and below, when libvips is compiled with support for PDF input via poppler, the pdfload operation is affected by a buffer read overflow when parsing the header of a crafted PDF with a page that defines...
EUVD-2025-19742
Malicious code in bioql PyPI...
UBUNTU-CVE-2025-59933
libvips is a demand-driven, horizontally threaded image processing library. For versions 8.17.1 and below, when libvips is compiled with support for PDF input via poppler, the pdfload operation is affected by a buffer read overflow when parsing the header of a crafted PDF with a page that defines...
CVE-2025-59933
libvips is a demand-driven, horizontally threaded image processing library. For versions 8.17.1 and below, when libvips is compiled with support for PDF input via poppler, the pdfload operation is affected by a buffer read overflow when parsing the header of a crafted PDF with a page that defines...
PT-2025-39910
Name of the Vulnerable Software and Affected Versions libvips versions 8.17.1 and earlier Description libvips is an image processing library. When compiled with PDF input support via poppler, versions 8.17.1 and below are susceptible to a buffer read overflow during PDF header parsing when...
ROS-20250910-02
A vulnerability in the Hints::Hints poppler/Hints.cc function of the Poppler PDF display library is related to a resource release error. with resource release errors. Exploitation of the vulnerability allows an attacker acting remotely, to cause a denial of service using a specially crafted PDF...
CVE-2025-52886
Poppler is a PDF rendering library. Versions prior to 25.06.0 use std::atomicint for reference counting. Because std::atomicint is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue...
CVE-2025-52886 Poppler Use After Free Vulnerability
Poppler is a PDF rendering library. Versions prior to 25.06.0 use std::atomicint for reference counting. Because std::atomicint is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue...
ROS-20250515-05
A vulnerability in the Poppler PDF display library is related to a floating-point exception in the PSStack::roll function. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the Poppler PDF mapping library is related to improper signature...
The vulnerability of the Poppler PDF rendering library, related to improper resource termination or resource release, allows a perpetrator to trigger a service failure.
The vulnerability of the Poppler PDF rendering library is related to PDF files in which the xref data structure is incorrectly processed during the getCatalog operation. Exploiting this vulnerability can allow an attacker to cause service failures...
ROS-20230918-04
A vulnerability in the Poppler PDF rendering library is related to the lack of thread checking before saving the embedded main function file in pdfunite.cc. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the Poppler PDF...
ALSA-2023:2259 Moderate: poppler security and bug fix update
Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: integer overflow in JBIG2 decoder using malformed files CVE-2022-38784 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
K37683194: Poppler vulnerability CVE-2018-13988
Security Advisory Description Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim...
ROS-20220926-02
Poppler PDF rendering library vulnerability is related to integer overflow in decoder JBIG2 in the JBIG2Stream::readTextRegionSeg function in JBIGStream.c. Exploitation of the vulnerability could allow an an attacker acting remotely to pass a specially crafted PDF file or image to an application...
USN-5606-2: poppler regression
USN-5606-1 fixed a vulnerability in poppler. Unfortunately it was missing a commit to fix it properly. This update provides the corresponding fix for Ubuntu 18.04 LTS and Ubuntu 16.04 ESM. We apologize for the inconvenience. Original advisory details: It was discovered that poppler incorrectly...
USN-4091-1: poppler vulnerability
It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service...
CVE-2019-9543
An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to for example the pdfseparate binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly...
CVE-2019-9543
An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to for example the pdfseparate binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly...
CVE-2019-9545
An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readTextRegion located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to for example the pdfimages binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have...
CVE-2018-20481
XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc...