Product:

Poppler

(Freedesktop)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 81
Date Id Summary Products Score Patch Annotated
2023-08-22 CVE-2022-37050 In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662. Poppler 6.5
2023-08-22 CVE-2022-38349 An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file. Poppler 6.5
2023-08-22 CVE-2022-37051 An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file. Poppler 6.5
2023-08-22 CVE-2022-37052 A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject. Poppler 6.5
2023-08-22 CVE-2020-23804 Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input. Poppler 7.5
2023-08-22 CVE-2020-18839 Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service. Poppler 6.5
2023-08-11 CVE-2020-36023 An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function. Poppler 6.5
2023-08-11 CVE-2020-36024 An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function. Poppler 5.5
2023-07-31 CVE-2023-34872 A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open. Poppler 5.5
2018-11-02 CVE-2018-18897 An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo. Ubuntu_linux, Debian_linux, Poppler, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation 6.5