Poppler Security Vulnerabilities and Issues — Poppler CVE List

Lucene search

FreedesktopPoppler

4 matches found

CVE•added 2017/10/02 1:29 a.m.•93 views

CVE-2017-14977

The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack.

7.5CVSS6AI score0.0109EPSS

CVE•added 2017/10/02 1:29 a.m.•89 views

CVE-2017-14976

The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an attacker to launch a denial of service attack.

7.5CVSS6.2AI score0.01087EPSS

CVE•added 2017/10/02 1:29 a.m.•88 views

CVE-2017-14975

The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an attacker to launch a denial of service attack.

7.5CVSS6AI score0.0109EPSS

CVE•added 2017/10/17 10:29 p.m.•77 views

CVE-2017-15565

In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document.

8.8CVSS6.4AI score0.00614EPSS