[SECURITY] Fedora 43 Update: poppler-25.07.0-5.fc43
poppler is a PDF rendering library...
Google Chrome PDFium Heap Buffer Overflow Vulnerability
Google Chrome is a web browser developed by Google with a built-in PDFium component for rendering PDF documents. Google Chrome's PDFium suffers from a heap buffer overflow vulnerability that stems from a failure to properly handle certain data in a specially crafted PDF file, which can be exploit...
EUVD-2026-23052
Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...
PT-2026-29343
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery (SSRF) vulnerability exists in the Invoice PDF generation module. User-supplied HTML in the invoice Notes field i...
KLA90896 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities: 1. Heap buffer overflow vulnerability in PDFium can be exploited to cause denial of service. 2...
RHEL 8 : poppler (RHSA-2026:0772)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0772 advisory. Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fixes: poppler: Out-of-Bounds Read in...
MiracleLinux 3 : freetype-2.2.1-25.0.1.AXS3 (AXSA:2010-399:01)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-399:01 advisory. The FreeType engine is a free and portable TrueType font rendering engine, developed to provide TrueType support for a variety of platforms and...
[SECURITY] Fedora 42 Update: poppler-25.02.0-2.fc42
poppler is a PDF rendering library...
CVE-2025-52886
A use-after-free vulnerability has been discovered in the PDF rendering library, stemming from a reference counting flaw. This issue allows an attacker, by providing specially crafted malicious input, to overflow a reference counter which subsequently leads to a use-after-free condition. While th...
RLSA-2024:5305 Moderate: poppler security update
Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fixes: poppler: pdfinfo: crash in broken documents when using -dests parameter (CVE-2024-6239). For more details about the security issues, including the impact, a CVSS score, acknowledgments,...
USN-7471-1: poppler vulnerabilities
It was discovered that poppler did not properly verify adbe.pkcs7.sha1 signatures in PDF documents. An attacker could possibly use this issue to create documents with forged signatures that are treated as legitimately signed...
[SECURITY] [DLA 4141-1] poppler security update
Debian LTS Advisory DLA-4141-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 28, 2025 https://wiki.debian.org/LTS ...
RLSA-2024:9167 Moderate: poppler security update
Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fixes: poppler: pdfinfo: crash in broken documents when using -dests parameter (CVE-2024-6239). For more details about the security issues, including the impact, a CVSS score, acknowledgments,...
poppler security update
An update is available for poppler. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Poppler is a Portable Document Format (PDF) rendering library, used by...
LunaSVG Security Vulnerability
LunaSVG is a standalone SVG rendering library in C by the individual developer Samuel Ugochukwu. A security vulnerability exists in LunaSVG version v3.0.0, which stems from a discovery of a containment segmentation violation via the component plutovgblend...
OESA-2024-2602 poppler security update
is a PDF rendering library. Security Fixes: libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc. (CVE-2024-56378)...
ALSA-2024:9167 Moderate: poppler security update
Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fixes: poppler: pdfinfo: crash in broken documents when using -dests parameter (CVE-2024-6239). For more details about the security issues, including the impact, a CVSS score, acknowledgments,...
UBUNTU-CVE-2024-25885
An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service (ReDoS) via supplying a crafted string...
RHEL 8 : poppler (RHSA-2024:2979)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2979 advisory. Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fixes: poppler: NULL pointer dereference i...
Moderate: Red Hat Security Advisory: poppler security update
An update for poppler is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...