cbcvebase.

Freedesktop Poppler vulnerabilities

157 known vulnerabilities affecting freedesktop/poppler.

Total CVEs
157
CISA KEV
1
actively exploited
Public exploits
4
Exploited in wild
1
Severity breakdown
CRITICAL9HIGH52MEDIUM92LOW4

Vulnerabilities

Page 3 of 8
CVE-2017-14976P3HIGHCVSS 7.5v0.59.02017-10-02
CVE-2017-14976 [HIGH] CWE-125 CVE-2017-14976: The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer o The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an attacker to launch a denial of service attack.
nvdosv
CVE-2022-38171P3HIGHCVSS 7.8fixed in 22.09.02022-08-22
CVE-2022-38171 [HIGH] CWE-190 CVE-2022-38171: Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextR Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2021-30860 (Apple CoreGraphics).
nvd
CVE-2024-6239P3HIGHCVSS 7.5fixed in 24.06.02024-06-21
CVE-2024-6239 [HIGH] CWE-20 CVE-2024-6239: A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter wit A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.
nvdosv
CVE-2019-7310P4HIGHCVSS 7.8v0.73.02019-02-03
CVE-2019-7310 [HIGH] CWE-125 CVE-2019-7310: In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::ge In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo.
nvdosv
CVE-2019-14494P4HIGHCVSS 7.5≤ 0.78.02019-08-01
CVE-2019-14494 [HIGH] CWE-369 CVE-2019-14494: An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function S An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.
nvdosv
CVE-2017-14975P4HIGHCVSS 7.5v0.59.02017-10-02
CVE-2017-14975 [HIGH] CWE-476 CVE-2017-14975: The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer derefe The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an attacker to launch a denial of service attack.
nvdosv
CVE-2017-14977P4HIGHCVSS 7.5v0.59.02017-10-02
CVE-2017-14977 [HIGH] CWE-476 CVE-2017-14977: The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer deref The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack.
nvdosv
CVE-2019-13281P4HIGHCVSS 7.8≥ 0, < 0.41.0-0ubuntu1.14≥ 0, < 0.62.0-2ubuntu2.92019-07-04
CVE-2019-13281 [HIGH] CVE-2019-13281: In Xpdf 4 In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service, an information leak, or possibly unspecified other impact.
osv
CVE-2019-13282P4HIGHCVSS 7.8≥ 0, < 0.41.0-0ubuntu1.14≥ 0, < 0.62.0-2ubuntu2.92019-07-04
CVE-2019-13282 [HIGH] CVE-2019-13282: In Xpdf 4 In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.
osv
CVE-2019-13283P4HIGHCVSS 7.8≥ 0, < 0.41.0-0ubuntu1.152019-07-04
CVE-2019-13283 [HIGH] CVE-2019-13283: In Xpdf 4 In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.
osv
CVE-2020-23804P4HIGHCVSS 7.5v0.89.02023-08-22
CVE-2020-23804 [HIGH] CWE-674 CVE-2020-23804: Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input.
nvdosv
CVE-2005-3627P4HIGHCVSS 7.5≥ 0, < 0.4.4-12005-12-31
CVE-2005-3627 [HIGH] CVE-2005-3627: Stream Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of
osv
CVE-2019-12957P4HIGHCVSS 7.8≥ 0, < 0.22.5-42019-06-25
CVE-2019-12957 [HIGH] CVE-2019-12957: In Xpdf 4 In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.
osv
CVE-2019-9878P4HIGHCVSS 7.8≥ 0, < 0.41.0-0ubuntu1.13≥ 0, < 0.62.0-2ubuntu2.82019-03-21
CVE-2019-9878 [HIGH] CVE-2019-9878: There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
osv
CVE-2019-13289P4HIGHCVSS 7.8≥ 0, < 0.41.0-0ubuntu1.14≥ 0, < 0.62.0-2ubuntu2.92019-07-04
CVE-2019-13289 [HIGH] CVE-2019-13289: In Xpdf 4 In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool.
osv
CVE-2017-14519P4HIGHCVSS 7.5v0.59.02017-09-17
CVE-2017-14519 [HIGH] CWE-835 CVE-2017-14519: In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a r In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls (aka a Gfx.cc infinite loop).
nvdosv
CVE-2017-14929P4HIGHCVSS 7.5v0.59.02017-09-30
CVE-2017-14929 [HIGH] CVE-2017-14929: In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a re In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls (aka a Gfx.cc infinite loop), a different vulnerability than CVE-2017-14519.
nvdosv
CVE-2006-0301P4HIGHCVSS 7.5≥ 0, < 0.4.5-12006-01-30
CVE-2006-0301 [HIGH] CVE-2006-0301: Heap-based buffer overflow in Splash Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.
osv
CVE-2017-14518P4HIGHCVSS 7.8v0.59.02017-09-17
CVE-2017-14518 [HIGH] CWE-20 CVE-2017-14518: In Poppler 0.59.0, a floating point exception exists in the isImageInterpolationRequired() function In Poppler 0.59.0, a floating point exception exists in the isImageInterpolationRequired() function in Splash.cc via a crafted PDF document.
nvdosv
CVE-2017-14520P4HIGHCVSS 7.8v0.59.02017-09-17
CVE-2017-14520 [HIGH] CWE-20 CVE-2017-14520: In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which may lead to a potential attack when handling malicious PDF files.
nvdosv
Freedesktop Poppler vulnerabilities | cvebase