Astra Linux - уязвимость в poppler

An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file...

Astra Linux - уязвимость в poppler

The JPXStream::init function in Poppler 0.78.0 and earlier does not check for negative values of stream length, which can lead to an Integer Overflow. This allows an attacker to allocate a large memory chunk on the heap, with the size controlled by them. This issue was demonstrated by pdftocairo...

Astra Linux - уязвимость в poppler

The Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service...

Astra Linux - уязвимость в poppler, poppler-22

A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service DoS via a crafted PDF file...

Astra Linux - уязвимость в poppler, poppler-22

Poppler is a PDF rendering library. Versions prior to 25.06.0 use std::atomicint for reference counting. Because std::atomicint is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue...

Astra Linux - уязвимость в poppler

A issue with the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause infinite recursion by providing a crafted PDF file. This can lead to a Denial of Service DoS attack...

Astra Linux - уязвимость в poppler

Poppler ia a library for rendering PDF files, and examining or modifying their structure. A use-after-free write vulnerability has been detected in versions Poppler prior to 25.10.0 within the StructTreeRoot class. The issue arises from the use of raw pointers to elements of a std::vector, which...

Astra Linux - уязвимость в poppler

A issue was discovered in Poppler 0.71.0. There is an out-of-bounds read in EmbFile::save2 in FileSpec.cc, which can lead to a denial of service. This issue is evident when utils/pdfdetach.cc does not validate embedded files before attempting to save them...

Astra Linux - уязвимость в poppler-22, poppler

In Poppler 22.07.0, the PDFDoc::savePageAs function in PDFDoc.c allows attackers to cause a denial-of-service attack the application crashes with SIGABRT by manipulating a PDF file in which the xref data structure is improperly handled during the getCatalog process. Note that this vulnerability i...

Astra Linux - уязвимость в poppler, poppler-22

libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc...

Astra Linux - уязвимость в poppler-22, poppler

A issue was discovered in Poppler 22.07.0. There exists a reachable abort that leads to a denial of service, due to the main function in pdfunite.cc lacking a stream check before saving an embedded file...

CVE-2018-25306

PDFunite 0.41.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by processing malformed PDF files during merge operations. Attackers can trigger a segmentation fault in the XRef::getEntry function within libpoppler by providing a specially crafted PDF...

CVE-2018-25306

PDFunite 0.41.0 contains a local buffer overflow in processing malformed PDFs during merge, causing a segmentation fault via XRef::getEntry in libpoppler when a crafted PDF is merged. This is a local-impact vulnerability that can crash the pdfunite utility; exploitation details and a validated fi...

Security Bulletin: Vulnerability in poppler affects IBM Netezza Appliance

Summary The poppler package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVECVE-2025-32365 Vulnerability Details CVEID:CVE-2025-32365 DESCRIPTION: Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine...

CLSA-2026-1776760883 poppler: Fix of CVE-2025-32364

CVE-2025-32364: fix floating-point exception in PSStack::roll when handling malformed PostScript input with INTMIN...

Security Bulletin: Vulnerabilities in poppler affects IBM Netezza Appliance

Summary The poppler package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-32365, CVE-2022-38784, CVE-2020-36024 Vulnerability Details CVEID:CVE-2025-32365 DESCRIPTION: Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds...

JLSEC-2026-88

An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service DoS...

JLSEC-2026-90

Poppler is a PDF rendering library. Versions prior to 25.06.0 use std::atomicint for reference counting. Because std::atomicint is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue...

JLSEC-2026-85 A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an...

A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INTMIN...

JLSEC-2026-86 Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the...

Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check...