Poppler@* Security Vulnerabilities and Issues — Poppler@* CVE List

Lucene search

FreedesktopPoppler*

4 matches found

CVE•added 2018/05/06 11:29 p.m.•203 views

CVE-2018-10768

There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.

6.5CVSS6.3AI score0.01525EPSS

CVE•added 2018/07/25 11:29 p.m.•198 views

CVE-2018-13988

Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF fi...

6.5CVSS6AI score0.00538EPSS

CVE•added 2018/05/10 3:29 p.m.•174 views

CVE-2017-18267

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.

5.5CVSS5.7AI score0.00451EPSS

CVE•added 2018/11/10 7:29 p.m.•96 views

CVE-2018-19149

Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment.

6.5CVSS6.4AI score0.002EPSS