Search CVE reports
71 – 80 of 198 results
CVE-2019-9877
Low priorityThere is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01, which can (for example) be triggered by sending a crafted pdf file to the pdftops binary. It allows an...
4 affected packages
ipe, libextractor, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ipe | — | Not affected | Not affected | Not affected | Not affected |
| libextractor | — | Not affected | Not affected | Not affected | Not affected |
| poppler | — | Not affected | Not affected | Not affected | Not affected |
| xpdf | — | Not affected | Not in release | Not affected | Not affected |
CVE-2019-9903
Low priorityPDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the...
1 affected package
poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| poppler | — | — | — | Fixed | Fixed |
CVE-2019-9631
Low priorityPoppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
1 affected package
poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| poppler | — | — | — | Fixed | Fixed |
CVE-2019-9589
Low priorityThere is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an...
6 affected packages
ipe, libextractor, poppler, texlive-bin, utopia-documents, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ipe | — | Not affected | Not affected | Not affected | Not affected |
| libextractor | — | Not affected | Not affected | Not affected | Not affected |
| poppler | — | Not affected | Not affected | Not affected | Not affected |
| texlive-bin | — | Not affected | Not affected | Not affected | Not affected |
| utopia-documents | — | Not in release | Not in release | Not in release | Not in release |
| xpdf | — | Not affected | Not in release | Not affected | Not affected |
CVE-2019-9588
Low priorityThere is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service...
6 affected packages
ipe, libextractor, poppler, texlive-bin, utopia-documents, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ipe | Not affected | Not affected | Not affected | Not affected | Not affected |
| libextractor | Not affected | Not affected | Not affected | Not affected | Not affected |
| poppler | Not affected | Not affected | Not affected | Not affected | Not affected |
| texlive-bin | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| utopia-documents | Not in release | Not in release | Not in release | Not in release | Not in release |
| xpdf | Not affected | Not affected | Not in release | Not affected | Not affected |
CVE-2019-9587
Negligible priorityThere is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service...
6 affected packages
ipe, libextractor, poppler, texlive-bin, utopia-documents, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ipe | Not affected | Not affected | Not affected | Not affected | Not affected |
| libextractor | Not affected | Not affected | Not affected | Not affected | Not affected |
| poppler | Not affected | Not affected | Not affected | Not affected | Not affected |
| texlive-bin | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| utopia-documents | Not in release | Not in release | Not in release | Not in release | Not in release |
| xpdf | Not affected | Not affected | Not in release | Not affected | Not affected |
CVE-2019-9545
Negligible priorityAn issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readTextRegion() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an...
1 affected package
poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| poppler | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2019-9543
Negligible priorityAn issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) the pdfseparate binary. It allows...
1 affected package
poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| poppler | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2019-9200
Medium priorityA heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to...
1 affected package
poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| poppler | — | — | — | Fixed | Fixed |
CVE-2019-7310
Medium priorityIn Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified...
1 affected package
poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| poppler | — | — | — | Fixed | Fixed |