Poppler@* Security Vulnerabilities and Issues — Poppler@* CVE List

Lucene search

FreedesktopPoppler*

6 matches found

CVE•added 2019/08/01 5:15 p.m.•350 views

CVE-2019-14494

An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.

7.5CVSS7.3AI score0.00444EPSS

CVE•added 2019/05/23 5:29 a.m.•264 views

CVE-2019-12293

In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.

8.8CVSS7.3AI score0.00713EPSS

CVE•added 2019/07/22 3:15 p.m.•199 views

CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo.

6.5CVSS6.4AI score0.0035EPSS

CVE•added 2019/09/05 4:15 a.m.•187 views

CVE-2018-21009

Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc.

8.8CVSS6.9AI score0.00463EPSS

CVE•added 2019/11/13 8:15 p.m.•60 views

CVE-2010-4653

An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.

6.5CVSS6.9AI score0.00782EPSS

CVE•added 2019/11/13 8:15 p.m.•50 views

CVE-2010-4654

poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack.

9.3CVSS7.8AI score0.00468EPSS