Vulnerabilities (CVE)

Filtered by vendor Freedesktop Subscribe
Total 117 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-23804 2 Debian, Freedesktop 2 Debian Linux, Poppler 2023-12-08 N/A 7.5 HIGH
Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input.
CVE-2022-37050 2 Debian, Freedesktop 2 Debian Linux, Poppler 2023-12-08 N/A 6.5 MEDIUM
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662.
CVE-2022-37051 2 Debian, Freedesktop 2 Debian Linux, Poppler 2023-12-08 N/A 6.5 MEDIUM
An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file.
CVE-2023-34872 1 Freedesktop 1 Poppler 2023-12-06 N/A 5.5 MEDIUM
A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.
CVE-2022-1215 1 Freedesktop 1 Libinput 2023-11-09 7.2 HIGH 7.8 HIGH
A format string vulnerability was found in libinput
CVE-2022-38784 3 Debian, Fedoraproject, Freedesktop 3 Debian Linux, Fedora, Poppler 2023-11-07 N/A 7.8 HIGH
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.
CVE-2022-27337 3 Debian, Fedoraproject, Freedesktop 3 Debian Linux, Fedora, Poppler 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
CVE-2021-3185 1 Freedesktop 1 Gst-plugins-bad 2023-11-07 7.5 HIGH 9.8 CRITICAL
A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution.
CVE-2021-30860 3 Apple, Freedesktop, Xpdfreader 7 Ipados, Iphone Os, Mac Os X and 4 more 2023-11-07 6.8 MEDIUM 7.8 HIGH
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
CVE-2020-35702 1 Freedesktop 1 Poppler 2023-11-07 6.8 MEDIUM 7.8 HIGH
DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones in late December 2020, not the 20.12.1 release. In this situation, it should NOT be considered a Poppler vulnerability. However, several third-party Open Source projects directly rely on Poppler git clones made at arbitrary times, and therefore the CVE remains useful to users of those projects
CVE-2019-9631 3 Debian, Fedoraproject, Freedesktop 3 Debian Linux, Fedora, Poppler 2023-11-07 7.5 HIGH 9.8 CRITICAL
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
CVE-2019-9200 3 Canonical, Debian, Freedesktop 3 Ubuntu Linux, Debian Linux, Poppler 2023-11-07 6.8 MEDIUM 8.8 HIGH
A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
CVE-2019-9959 4 Debian, Fedoraproject, Freedesktop and 1 more 7 Debian Linux, Fedora, Poppler and 4 more 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo.
CVE-2019-7310 5 Canonical, Debian, Fedoraproject and 2 more 11 Ubuntu Linux, Debian Linux, Fedora and 8 more 2023-11-07 6.8 MEDIUM 7.8 HIGH
In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo.
CVE-2019-9903 5 Canonical, Debian, Fedoraproject and 2 more 8 Ubuntu Linux, Debian Linux, Fedora and 5 more 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.
CVE-2019-20367 4 Canonical, Debian, Freedesktop and 1 more 4 Ubuntu Linux, Debian Linux, Libbsd and 1 more 2023-11-07 6.4 MEDIUM 9.1 CRITICAL
nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).
CVE-2019-14494 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2023-11-07 4.3 MEDIUM 7.5 HIGH
An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.
CVE-2019-12293 1 Freedesktop 1 Poppler 2023-11-07 6.8 MEDIUM 8.8 HIGH
In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.
CVE-2019-12749 2 Canonical, Freedesktop 2 Ubuntu Linux, Dbus 2023-11-07 3.6 LOW 7.1 HIGH
dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass.
CVE-2019-11026 2 Fedoraproject, Freedesktop 2 Fedora, Poppler 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc.