Package Instance

reference_id

AVG-326

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14520.json

reference_url	https://access.redhat.com/errata/RHSA-2017:2551
reference_id	RHSA-2017:2551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2551

reference_url	https://usn.ubuntu.com/3350-1/
reference_id	USN-3350-1
reference_type
scores
url	https://usn.ubuntu.com/3350-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-9775

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3u3m-ru9u-buem

url VCID-44yv-r4hg-17db

vulnerability_id VCID-44yv-r4hg-17db

summary security update

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14520.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14520

reference_id

reference_type

scores

value	0.00223
scoring_system	epss
scoring_elements	0.45044
published_at	2026-04-18T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44956
published_at	2026-04-07T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.45008
published_at	2026-04-08T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.45009
published_at	2026-04-09T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.45031
published_at	2026-04-11T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44999
published_at	2026-04-12T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.45001
published_at	2026-04-13T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.45051
published_at	2026-04-16T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.51975
published_at	2026-04-02T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.51927
published_at	2026-04-01T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.52
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14520

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=102719
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=102719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1494582
reference_id	1494582
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1494582

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876081
reference_id	876081
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876081

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url

reference_id

CVE-2017-14520

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38349.json

reference_url	https://usn.ubuntu.com/3440-1/
reference_id	USN-3440-1
reference_type
scores
url	https://usn.ubuntu.com/3440-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14520

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-44yv-r4hg-17db

url VCID-48ua-ch85-w3cg

vulnerability_id VCID-48ua-ch85-w3cg

summary poppler: Reachable assertion in Object.h

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38349.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-38349

reference_id

reference_type

scores

value	0.00021
scoring_system	epss
scoring_elements	0.05714
published_at	2026-04-02T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05743
published_at	2026-04-16T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05794
published_at	2026-04-11T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05785
published_at	2026-04-12T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05779
published_at	2026-04-13T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05755
published_at	2026-04-04T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05751
published_at	2026-04-18T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0579
published_at	2026-04-08T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05815
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-38349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38349

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282

reference_id

1282

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:39:03Z/

url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2251630
reference_id	2251630
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2251630

reference_url

https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28

reference_id

4564a002bcb6094cc460bc0d5ddff9423fe6dd28

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:39:03Z/

url

https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28

reference_url	https://usn.ubuntu.com/6508-1/
reference_id	USN-6508-1
reference_type
scores
url	https://usn.ubuntu.com/6508-1/

fixed_packages

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1

aliases CVE-2022-38349

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-48ua-ch85-w3cg

url VCID-4ucr-xaac-7uc7

vulnerability_id VCID-4ucr-xaac-7uc7

summary poppler: Floating-Point Exception in Poppler

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32364.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32364.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-32364

reference_id

reference_type

scores

value	0.00094
scoring_system	epss
scoring_elements	0.26434
published_at	2026-04-02T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26256
published_at	2026-04-18T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26371
published_at	2026-04-09T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.2638
published_at	2026-04-11T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26333
published_at	2026-04-12T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26275
published_at	2026-04-13T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26281
published_at	2026-04-16T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26478
published_at	2026-04-04T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26252
published_at	2026-04-07T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26319
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-32364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32364
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32364

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102190
reference_id	1102190
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102190

reference_url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1574

reference_id

1574

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T16:06:56Z/

url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1574

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2357657
reference_id	2357657
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2357657

reference_url

https://gitlab.freedesktop.org/poppler/poppler/-/commit/d87bc726c7cc98f8c26b60ece5f20236e9de1bc3

reference_id

d87bc726c7cc98f8c26b60ece5f20236e9de1bc3

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T16:06:56Z/

url

https://gitlab.freedesktop.org/poppler/poppler/-/commit/d87bc726c7cc98f8c26b60ece5f20236e9de1bc3

reference_url	https://usn.ubuntu.com/7426-1/
reference_id	USN-7426-1
reference_type
scores
url	https://usn.ubuntu.com/7426-1/

reference_url	https://usn.ubuntu.com/7426-2/
reference_id	USN-7426-2
reference_type
scores
url	https://usn.ubuntu.com/7426-2/

fixed_packages

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1

aliases CVE-2025-32364

risk_score 1.8

exploitability 0.5

weighted_severity 3.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ucr-xaac-7uc7

url VCID-5jej-esjt-uqak

vulnerability_id VCID-5jej-esjt-uqak

summary poppler: integer overflow in Parser::makeStream in Parser.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21009.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21009.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-21009

reference_id

reference_type

scores

value	0.00481
scoring_system	epss
scoring_elements	0.65047
published_at	2026-04-01T12:55:00Z

value	0.00481
scoring_system	epss
scoring_elements	0.65177
published_at	2026-04-18T12:55:00Z

value	0.00481
scoring_system	epss
scoring_elements	0.65159
published_at	2026-04-12T12:55:00Z

value	0.00481
scoring_system	epss
scoring_elements	0.65131
published_at	2026-04-13T12:55:00Z

value	0.00481
scoring_system	epss
scoring_elements	0.65167
published_at	2026-04-16T12:55:00Z

value	0.00481
scoring_system	epss
scoring_elements	0.65097
published_at	2026-04-02T12:55:00Z

value	0.00481
scoring_system	epss
scoring_elements	0.65124
published_at	2026-04-04T12:55:00Z

value	0.00481
scoring_system	epss
scoring_elements	0.65088
published_at	2026-04-07T12:55:00Z

value	0.00481
scoring_system	epss
scoring_elements	0.65137
published_at	2026-04-08T12:55:00Z

value	0.00481
scoring_system	epss
scoring_elements	0.6515
published_at	2026-04-09T12:55:00Z

value	0.00481
scoring_system	epss
scoring_elements	0.65169
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-21009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21009
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21009

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/commit/0868c499a9f5f37f8df5c9fef03c37496b40fc8a
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/commit/0868c499a9f5f37f8df5c9fef03c37496b40fc8a

reference_url	https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1753850
reference_id	1753850
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1753850

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler::::::::
reference_id	cpe:2.3:a:freedesktop:poppler::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-21009

reference_id

CVE-2018-21009

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-21009

reference_url	https://access.redhat.com/errata/RHSA-2020:1074
reference_id	RHSA-2020:1074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1074

reference_url	https://usn.ubuntu.com/4646-1/
reference_id	USN-4646-1
reference_type
scores
url	https://usn.ubuntu.com/4646-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2018-21009

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5jej-esjt-uqak

url VCID-5py7-z1gg-9fet

vulnerability_id VCID-5py7-z1gg-9fet

summary poppler: divide-by-zero in function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14494.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14494.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14494

reference_id

reference_type

scores

value	0.01969
scoring_system	epss
scoring_elements	0.83467
published_at	2026-04-01T12:55:00Z

value	0.01969
scoring_system	epss
scoring_elements	0.8348
published_at	2026-04-02T12:55:00Z

value	0.01969
scoring_system	epss
scoring_elements	0.83494
published_at	2026-04-04T12:55:00Z

value	0.01969
scoring_system	epss
scoring_elements	0.83493
published_at	2026-04-07T12:55:00Z

value	0.01969
scoring_system	epss
scoring_elements	0.83518
published_at	2026-04-08T12:55:00Z

value	0.01969
scoring_system	epss
scoring_elements	0.83527
published_at	2026-04-09T12:55:00Z

value	0.01969
scoring_system	epss
scoring_elements	0.83542
published_at	2026-04-11T12:55:00Z

value	0.01969
scoring_system	epss
scoring_elements	0.83536
published_at	2026-04-12T12:55:00Z

value	0.01969
scoring_system	epss
scoring_elements	0.83532
published_at	2026-04-13T12:55:00Z

value	0.01969
scoring_system	epss
scoring_elements	0.83566
published_at	2026-04-16T12:55:00Z

value	0.01969
scoring_system	epss
scoring_elements	0.83567
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14494

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14494
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14494

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1797453
reference_id	1797453
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1797453

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933812
reference_id	933812
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933812

reference_url	https://access.redhat.com/errata/RHSA-2020:3977
reference_id	RHSA-2020:3977
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3977

reference_url	https://access.redhat.com/errata/RHSA-2020:4643
reference_id	RHSA-2020:4643
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4643

reference_url	https://usn.ubuntu.com/4091-1/
reference_id	USN-4091-1
reference_type
scores
url	https://usn.ubuntu.com/4091-1/

fixed_packages

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1

aliases CVE-2019-14494

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5py7-z1gg-9fet

url VCID-72nw-9jgd-4kdw

vulnerability_id VCID-72nw-9jgd-4kdw

summary poppler: abort in main() in pdfunite.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37051.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37051.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-37051

reference_id

reference_type

scores

value	0.00044
scoring_system	epss
scoring_elements	0.13629
published_at	2026-04-02T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.1369
published_at	2026-04-04T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.1349
published_at	2026-04-07T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13571
published_at	2026-04-08T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13621
published_at	2026-04-09T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13593
published_at	2026-04-11T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13556
published_at	2026-04-12T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13508
published_at	2026-04-13T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.1342
published_at	2026-04-16T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13416
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-37051

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37051
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37051

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2234528
reference_id	2234528
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2234528

reference_url	https://usn.ubuntu.com/6508-1/
reference_id	USN-6508-1
reference_type
scores
url	https://usn.ubuntu.com/6508-1/

fixed_packages

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1

aliases CVE-2022-37051

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-72nw-9jgd-4kdw

url VCID-74sz-r8kq-qkd5

vulnerability_id VCID-74sz-r8kq-qkd5

summary poppler: reachable Object::getString assertion in AnnotRichMedia class in Annot.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20551.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20551.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20551

reference_id

reference_type

scores

value	0.00309
scoring_system	epss
scoring_elements	0.54012
published_at	2026-04-01T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54137
published_at	2026-04-18T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54111
published_at	2026-04-12T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54094
published_at	2026-04-13T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54133
published_at	2026-04-16T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.5403
published_at	2026-04-02T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54056
published_at	2026-04-04T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54033
published_at	2026-04-07T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54085
published_at	2026-04-08T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54083
published_at	2026-04-09T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54129
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20551

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/703
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/703

reference_url	https://gitlab.freedesktop.org/poppler/poppler/merge_requests/146
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/merge_requests/146

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1665259
reference_id	1665259
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1665259

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917525
reference_id	917525
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917525

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-20551

reference_id

CVE-2018-20551

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-20551

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://usn.ubuntu.com/3886-1/
reference_id	USN-3886-1
reference_type
scores
url	https://usn.ubuntu.com/3886-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2018-20551

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-74sz-r8kq-qkd5

url VCID-7n47-6efe-eybd

vulnerability_id VCID-7n47-6efe-eybd

summary poppler: NULL pointer dereference in the AnnotRichMedia::Content::Content

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14926.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14926.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14926

reference_id

reference_type

scores

value	0.00173
scoring_system	epss
scoring_elements	0.38669
published_at	2026-04-18T12:55:00Z

value	0.00173
scoring_system	epss
scoring_elements	0.3867
published_at	2026-04-12T12:55:00Z

value	0.00173
scoring_system	epss
scoring_elements	0.38643
published_at	2026-04-13T12:55:00Z

value	0.00173
scoring_system	epss
scoring_elements	0.38691
published_at	2026-04-16T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52395
published_at	2026-04-01T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.5244
published_at	2026-04-02T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52468
published_at	2026-04-04T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52433
published_at	2026-04-07T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52486
published_at	2026-04-08T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.5248
published_at	2026-04-09T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52531
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14926

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=102601
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=102601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14926

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:C

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500323
reference_id	1500323
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500323

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877239
reference_id	877239
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877239

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-14926

reference_id

CVE-2017-14926

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-14926

reference_url	https://usn.ubuntu.com/3440-1/
reference_id	USN-3440-1
reference_type
scores
url	https://usn.ubuntu.com/3440-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14926

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7n47-6efe-eybd

url VCID-7p5r-eqxs-tugv

vulnerability_id VCID-7p5r-eqxs-tugv

summary poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9631

reference_id

reference_type

scores

value	0.02178
scoring_system	epss
scoring_elements	0.84271
published_at	2026-04-01T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84361
published_at	2026-04-18T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84342
published_at	2026-04-12T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84338
published_at	2026-04-13T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.8436
published_at	2026-04-16T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84284
published_at	2026-04-02T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84303
published_at	2026-04-04T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84304
published_at	2026-04-07T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84326
published_at	2026-04-08T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84331
published_at	2026-04-09T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84349
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9631

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/736
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/736

reference_url	https://lists.debian.org/debian-lts-announce/2019/04/msg00011.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/04/msg00011.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1686802
reference_id	1686802
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1686802

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673
reference_id	926673
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9631

reference_id

CVE-2019-9631

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9631

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://usn.ubuntu.com/4042-1/
reference_id	USN-4042-1
reference_type
scores
url	https://usn.ubuntu.com/4042-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2019-9631

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7p5r-eqxs-tugv

url VCID-8t2a-b56v-tqcs

vulnerability_id VCID-8t2a-b56v-tqcs

summary poppler: stack consumption in function Dict::find() in Dict.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9903.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9903.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9903

reference_id

reference_type

scores

value	0.00732
scoring_system	epss
scoring_elements	0.72654
published_at	2026-04-01T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.72759
published_at	2026-04-18T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.72716
published_at	2026-04-12T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.72706
published_at	2026-04-13T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.72748
published_at	2026-04-16T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.72662
published_at	2026-04-02T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.72679
published_at	2026-04-04T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.72657
published_at	2026-04-07T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.72696
published_at	2026-04-08T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.72709
published_at	2026-04-09T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.72733
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9903

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9903
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9903

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/741
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/741

reference_url	https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/

reference_url	https://research.loginsoft.com/bugs/stack-based-buffer-overflows-in-dictfind-poppler-0-74-0/
reference_id
reference_type
scores
url	https://research.loginsoft.com/bugs/stack-based-buffer-overflows-in-dictfind-poppler-0-74-0/

reference_url	http://www.securityfocus.com/bid/107560
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107560

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1691724
reference_id	1691724
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1691724

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925264
reference_id	925264
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925264

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9903

reference_id

CVE-2019-9903

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9903

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://usn.ubuntu.com/4042-1/
reference_id	USN-4042-1
reference_type
scores
url	https://usn.ubuntu.com/4042-1/

fixed_packages

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1

aliases CVE-2019-9903

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8t2a-b56v-tqcs

url VCID-96jm-1vhy-eyfd

vulnerability_id VCID-96jm-1vhy-eyfd

summary poppler: infinite recursion in function FontInfoScanner::scanFonts in FontInfo.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11026.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11026.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11026

reference_id

reference_type

scores

value	0.00514
scoring_system	epss
scoring_elements	0.66509
published_at	2026-04-01T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66631
published_at	2026-04-18T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66614
published_at	2026-04-12T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.6658
published_at	2026-04-13T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66616
published_at	2026-04-16T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66549
published_at	2026-04-02T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66574
published_at	2026-04-04T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66546
published_at	2026-04-07T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66593
published_at	2026-04-08T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66607
published_at	2026-04-09T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66626
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11026

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11026
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11026

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/752
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/752

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5JWQE2WP4W4F2FEYPYJQBPQIOG75MVH/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5JWQE2WP4W4F2FEYPYJQBPQIOG75MVH/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/

reference_url	https://research.loginsoft.com/bugs/1508/
reference_id
reference_type
scores
url	https://research.loginsoft.com/bugs/1508/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1699862
reference_id	1699862
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1699862

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926721
reference_id	926721
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926721

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.75.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.75.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.75.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11026

reference_id

CVE-2019-11026

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11026

fixed_packages

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1

aliases CVE-2019-11026

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-96jm-1vhy-eyfd

url VCID-bc96-6vy6-ryfz

vulnerability_id VCID-bc96-6vy6-ryfz

summary poppler: Stack-Overflow in `FoFiType1C::cvtGlyph`

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36023.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36023.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36023

reference_id

reference_type

scores

value	0.00068
scoring_system	epss
scoring_elements	0.20984
published_at	2026-04-01T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.21138
published_at	2026-04-02T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20955
published_at	2026-04-18T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.2102
published_at	2026-04-12T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20968
published_at	2026-04-13T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20956
published_at	2026-04-16T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.21193
published_at	2026-04-04T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20906
published_at	2026-04-07T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20987
published_at	2026-04-08T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.21048
published_at	2026-04-09T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.21064
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36023

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013

reference_id

1013

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:59:31Z/

url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2231510
reference_id	2231510
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2231510

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html

reference_id

msg00017.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:59:31Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html

reference_url	https://usn.ubuntu.com/6299-1/
reference_id	USN-6299-1
reference_type
scores
url	https://usn.ubuntu.com/6299-1/

fixed_packages

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1

aliases CVE-2020-36023

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bc96-6vy6-ryfz

url VCID-bvmu-gq2p-jygf

vulnerability_id VCID-bvmu-gq2p-jygf

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which could allow the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7511.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7511.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7511

reference_id

reference_type

scores

value	0.0032
scoring_system	epss
scoring_elements	0.54933
published_at	2026-04-01T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55105
published_at	2026-04-18T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.5508
published_at	2026-04-12T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55101
published_at	2026-04-16T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55038
published_at	2026-04-07T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55063
published_at	2026-04-13T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55088
published_at	2026-04-09T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.551
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1456827
reference_id	1456827
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1456827

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863759
reference_id	863759
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863759

reference_url	https://security.gentoo.org/glsa/201801-17
reference_id	GLSA-201801-17
reference_type
scores
url	https://security.gentoo.org/glsa/201801-17

reference_url	https://usn.ubuntu.com/3350-1/
reference_id	USN-3350-1
reference_type
scores
url	https://usn.ubuntu.com/3350-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-7511

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bvmu-gq2p-jygf

url VCID-c4wz-u632-eyeh

vulnerability_id VCID-c4wz-u632-eyeh

summary poppler: abort in PDFDoc::savePageAs in PDFDoc.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37050.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37050.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-37050

reference_id

reference_type

scores

value	0.00064
scoring_system	epss
scoring_elements	0.19984
published_at	2026-04-02T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19786
published_at	2026-04-18T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19769
published_at	2026-04-07T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19849
published_at	2026-04-08T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19903
published_at	2026-04-09T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19912
published_at	2026-04-11T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19869
published_at	2026-04-12T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19811
published_at	2026-04-13T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19783
published_at	2026-04-16T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20043
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-37050

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37050
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37050

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274

reference_id

1274

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/

url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2234527
reference_id	2234527
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2234527

reference_url

https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990

reference_id

dcd5bd8238ea448addd102ff045badd0aca1b990

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/

url

https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00022.html

reference_url	https://usn.ubuntu.com/6508-1/
reference_id	USN-6508-1
reference_type
scores
url	https://usn.ubuntu.com/6508-1/

fixed_packages

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1

aliases CVE-2022-37050

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c4wz-u632-eyeh

url VCID-crcj-9bh9-7kb7

vulnerability_id VCID-crcj-9bh9-7kb7

summary poppler: integer overflow in JPXStream::init function leading to memory consumption

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9959.json

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9959.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9959

reference_id

reference_type

scores

value	0.01488
scoring_system	epss
scoring_elements	0.80977
published_at	2026-04-01T12:55:00Z

value	0.01488
scoring_system	epss
scoring_elements	0.80986
published_at	2026-04-02T12:55:00Z

value	0.01488
scoring_system	epss
scoring_elements	0.81009
published_at	2026-04-04T12:55:00Z

value	0.01488
scoring_system	epss
scoring_elements	0.81008
published_at	2026-04-07T12:55:00Z

value	0.01488
scoring_system	epss
scoring_elements	0.81036
published_at	2026-04-08T12:55:00Z

value	0.01488
scoring_system	epss
scoring_elements	0.81043
published_at	2026-04-09T12:55:00Z

value	0.01488
scoring_system	epss
scoring_elements	0.8106
published_at	2026-04-11T12:55:00Z

value	0.01488
scoring_system	epss
scoring_elements	0.81047
published_at	2026-04-12T12:55:00Z

value	0.01488
scoring_system	epss
scoring_elements	0.81039
published_at	2026-04-13T12:55:00Z

value	0.01488
scoring_system	epss
scoring_elements	0.81077
published_at	2026-04-16T12:55:00Z

value	0.01488
scoring_system	epss
scoring_elements	0.81078
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9959

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9959
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9959

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1732340
reference_id	1732340
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1732340

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941776
reference_id	941776
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941776

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://access.redhat.com/errata/RHSA-2020:1074
reference_id	RHSA-2020:1074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1074

reference_url	https://usn.ubuntu.com/4646-1/
reference_id	USN-4646-1
reference_type
scores
url	https://usn.ubuntu.com/4646-1/

fixed_packages

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1

aliases CVE-2019-9959

risk_score 2.8

exploitability 0.5

weighted_severity 5.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-crcj-9bh9-7kb7

url VCID-csqv-t3cr-4uap

vulnerability_id VCID-csqv-t3cr-4uap

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14517.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14517.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14517

reference_id

reference_type

scores

value	0.00231
scoring_system	epss
scoring_elements	0.4595
published_at	2026-04-18T12:55:00Z

value	0.00231
scoring_system	epss
scoring_elements	0.45897
published_at	2026-04-12T12:55:00Z

value	0.00231
scoring_system	epss
scoring_elements	0.45904
published_at	2026-04-13T12:55:00Z

value	0.00231
scoring_system	epss
scoring_elements	0.45956
published_at	2026-04-16T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61293
published_at	2026-04-01T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61372
published_at	2026-04-02T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61401
published_at	2026-04-04T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.6137
published_at	2026-04-07T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61417
published_at	2026-04-08T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61433
published_at	2026-04-09T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61454
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14517

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=102687
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=102687

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	http://www.securityfocus.com/bid/105050
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/105050

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1499162
reference_id	1499162
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1499162

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876079
reference_id	876079
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876079

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url

reference_id

CVE-2017-14517

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20650.json

reference_url	https://usn.ubuntu.com/3433-1/
reference_id	USN-3433-1
reference_type
scores
url	https://usn.ubuntu.com/3433-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14517

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-csqv-t3cr-4uap

url VCID-cwyp-gapg-yufk

vulnerability_id VCID-cwyp-gapg-yufk

summary poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20650.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20650

reference_id

reference_type

scores

value	0.00355
scoring_system	epss
scoring_elements	0.57699
published_at	2026-04-01T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57836
published_at	2026-04-18T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57829
published_at	2026-04-12T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57808
published_at	2026-04-13T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57837
published_at	2026-04-16T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57783
published_at	2026-04-02T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57803
published_at	2026-04-04T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57778
published_at	2026-04-07T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57833
published_at	2026-04-08T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57834
published_at	2026-04-09T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57851
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20650

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20650
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20650

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/commit/de0c0b8324e776f0b851485e0fc9622fc35695b7
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/commit/de0c0b8324e776f0b851485e0fc9622fc35695b7

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/704
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/704

reference_url	https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html

reference_url	https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html

reference_url	http://www.securityfocus.com/bid/106459
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106459

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1665263
reference_id	1665263
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1665263

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917974
reference_id	917974
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917974

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-20650

reference_id

CVE-2018-20650

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-20650

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://usn.ubuntu.com/3865-1/
reference_id	USN-3865-1
reference_type
scores
url	https://usn.ubuntu.com/3865-1/

fixed_packages

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1

aliases CVE-2018-20650

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cwyp-gapg-yufk

url VCID-d5fj-5prg-97f4

vulnerability_id VCID-d5fj-5prg-97f4

summary poppler: Out-of-Bounds Read in Poppler

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32365.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32365.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-32365

reference_id

reference_type

scores

value	0.00079
scoring_system	epss
scoring_elements	0.23524
published_at	2026-04-02T12:55:00Z

value	0.00079
scoring_system	epss
scoring_elements	0.23403
published_at	2026-04-18T12:55:00Z

value	0.00079
scoring_system	epss
scoring_elements	0.23466
published_at	2026-04-09T12:55:00Z

value	0.00079
scoring_system	epss
scoring_elements	0.23484
published_at	2026-04-11T12:55:00Z

value	0.00079
scoring_system	epss
scoring_elements	0.23446
published_at	2026-04-12T12:55:00Z

value	0.00079
scoring_system	epss
scoring_elements	0.23391
published_at	2026-04-13T12:55:00Z

value	0.00079
scoring_system	epss
scoring_elements	0.23408
published_at	2026-04-16T12:55:00Z

value	0.00079
scoring_system	epss
scoring_elements	0.23561
published_at	2026-04-04T12:55:00Z

value	0.00079
scoring_system	epss
scoring_elements	0.23343
published_at	2026-04-07T12:55:00Z

value	0.00079
scoring_system	epss
scoring_elements	0.23416
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-32365

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32365
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32365

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102191
reference_id	1102191
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102191

reference_url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1577

reference_id

1577

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T14:43:55Z/

url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1577

reference_url

https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1792

reference_id

1792

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T14:43:55Z/

url

https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1792

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2357656
reference_id	2357656
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2357656

reference_url	https://access.redhat.com/errata/RHSA-2026:0126
reference_id	RHSA-2026:0126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0126

reference_url	https://access.redhat.com/errata/RHSA-2026:0128
reference_id	RHSA-2026:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0128

reference_url	https://access.redhat.com/errata/RHSA-2026:0130
reference_id	RHSA-2026:0130
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0130

reference_url	https://access.redhat.com/errata/RHSA-2026:0772
reference_id	RHSA-2026:0772
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0772

reference_url	https://access.redhat.com/errata/RHSA-2026:0773
reference_id	RHSA-2026:0773
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0773

reference_url	https://access.redhat.com/errata/RHSA-2026:0774
reference_id	RHSA-2026:0774
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0774

reference_url	https://access.redhat.com/errata/RHSA-2026:0795
reference_id	RHSA-2026:0795
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0795

reference_url	https://access.redhat.com/errata/RHSA-2026:0796
reference_id	RHSA-2026:0796
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0796

reference_url	https://access.redhat.com/errata/RHSA-2026:0797
reference_id	RHSA-2026:0797
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0797

reference_url	https://access.redhat.com/errata/RHSA-2026:0799
reference_id	RHSA-2026:0799
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0799

reference_url	https://access.redhat.com/errata/RHSA-2026:1090
reference_id	RHSA-2026:1090
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1090

reference_url	https://access.redhat.com/errata/RHSA-2026:1091
reference_id	RHSA-2026:1091
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1091

reference_url	https://usn.ubuntu.com/7426-1/
reference_id	USN-7426-1
reference_type
scores
url	https://usn.ubuntu.com/7426-1/

reference_url	https://usn.ubuntu.com/7426-2/
reference_id	USN-7426-2
reference_type
scores
url	https://usn.ubuntu.com/7426-2/

fixed_packages

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1

aliases CVE-2025-32365

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d5fj-5prg-97f4

url VCID-dh3p-2g4s-wke6

vulnerability_id VCID-dh3p-2g4s-wke6

summary poppler: heap-based buffer over-read in function Splash::blitTransparent in splash/Splash.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10872.json

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10872.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10872

reference_id

reference_type

scores

value	0.00935
scoring_system	epss
scoring_elements	0.76097
published_at	2026-04-01T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76201
published_at	2026-04-18T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76159
published_at	2026-04-12T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76156
published_at	2026-04-13T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76198
published_at	2026-04-16T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.761
published_at	2026-04-02T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76132
published_at	2026-04-04T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76112
published_at	2026-04-07T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76145
published_at	2026-04-08T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76158
published_at	2026-04-09T12:55:00Z

value	0.00935
scoring_system	epss
scoring_elements	0.76183
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10872

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10872
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10872

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/750
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/750

reference_url	https://lists.debian.org/debian-lts-announce/2019/06/msg00002.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/06/msg00002.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/

reference_url	http://www.securityfocus.com/bid/107862
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107862

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1696638
reference_id	1696638
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1696638

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926530
reference_id	926530
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926530

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10872

reference_id

CVE-2019-10872

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10872

reference_url	https://usn.ubuntu.com/4042-1/
reference_id	USN-4042-1
reference_type
scores
url	https://usn.ubuntu.com/4042-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2019-10872

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dh3p-2g4s-wke6

url VCID-enu8-gjre-fbap

vulnerability_id VCID-enu8-gjre-fbap

summary poppler: uncontrolled recursion in pdfinfo and pdftops

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23804.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23804.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-23804

reference_id

reference_type

scores

value	0.00264
scoring_system	epss
scoring_elements	0.49843
published_at	2026-04-01T12:55:00Z

value	0.00264
scoring_system	epss
scoring_elements	0.4988
published_at	2026-04-02T12:55:00Z

value	0.00264
scoring_system	epss
scoring_elements	0.49909
published_at	2026-04-04T12:55:00Z

value	0.00264
scoring_system	epss
scoring_elements	0.49859
published_at	2026-04-07T12:55:00Z

value	0.00264
scoring_system	epss
scoring_elements	0.49913
published_at	2026-04-08T12:55:00Z

value	0.00264
scoring_system	epss
scoring_elements	0.49906
published_at	2026-04-09T12:55:00Z

value	0.00264
scoring_system	epss
scoring_elements	0.49925
published_at	2026-04-11T12:55:00Z

value	0.00264
scoring_system	epss
scoring_elements	0.49897
published_at	2026-04-12T12:55:00Z

value	0.00264
scoring_system	epss
scoring_elements	0.49898
published_at	2026-04-13T12:55:00Z

value	0.00264
scoring_system	epss
scoring_elements	0.49944
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-23804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23804

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2234526
reference_id	2234526
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2234526

reference_url	https://usn.ubuntu.com/6508-1/
reference_id	USN-6508-1
reference_type
scores
url	https://usn.ubuntu.com/6508-1/

fixed_packages

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1

aliases CVE-2020-23804

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-enu8-gjre-fbap

url VCID-ervb-318m-tygv

vulnerability_id VCID-ervb-318m-tygv

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which could allow a Denial of Service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14975.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14975.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14975

reference_id

reference_type

scores

value	0.01097
scoring_system	epss
scoring_elements	0.7795
published_at	2026-04-01T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78041
published_at	2026-04-18T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78026
published_at	2026-04-11T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78008
published_at	2026-04-12T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78007
published_at	2026-04-13T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78042
published_at	2026-04-16T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77957
published_at	2026-04-02T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77986
published_at	2026-04-04T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77967
published_at	2026-04-07T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77994
published_at	2026-04-08T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77999
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14975

reference_url	https://bugzilla.freedesktop.org/show_bug.cgi?id=102653
reference_id
reference_type
scores
url	https://bugzilla.freedesktop.org/show_bug.cgi?id=102653

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500343
reference_id	1500343
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500343

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877957
reference_id	877957
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877957

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2017-14975

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19060.json

reference_url	https://security.gentoo.org/glsa/201804-03
reference_id	GLSA-201804-03
reference_type
scores
url	https://security.gentoo.org/glsa/201804-03

reference_url	https://usn.ubuntu.com/3440-1/
reference_id	USN-3440-1
reference_type
scores
url	https://usn.ubuntu.com/3440-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14975

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ervb-318m-tygv

url VCID-ervj-1sdg-b3bm

vulnerability_id VCID-ervj-1sdg-b3bm

summary poppler: pdfdetach utility does not validate save paths

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19060.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19060

reference_id

reference_type

scores

value	0.00147
scoring_system	epss
scoring_elements	0.35073
published_at	2026-04-01T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35273
published_at	2026-04-02T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35301
published_at	2026-04-04T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35182
published_at	2026-04-07T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35227
published_at	2026-04-08T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35252
published_at	2026-04-09T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35256
published_at	2026-04-11T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35221
published_at	2026-04-18T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35197
published_at	2026-04-13T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35235
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19060

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19060
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19060

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1649450
reference_id	1649450
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1649450

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913182
reference_id	913182
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913182

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://usn.ubuntu.com/3837-1/
reference_id	USN-3837-1
reference_type
scores
url	https://usn.ubuntu.com/3837-1/

fixed_packages

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1

aliases CVE-2018-19060

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ervj-1sdg-b3bm

url VCID-ex2h-ahg3-s7b9

vulnerability_id VCID-ex2h-ahg3-s7b9

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which could allow a Denial of Service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14977.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14977.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14977

reference_id

reference_type

scores

value	0.01097
scoring_system	epss
scoring_elements	0.7795
published_at	2026-04-01T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78041
published_at	2026-04-18T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78026
published_at	2026-04-11T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78008
published_at	2026-04-12T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78007
published_at	2026-04-13T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78042
published_at	2026-04-16T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77957
published_at	2026-04-02T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77986
published_at	2026-04-04T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77967
published_at	2026-04-07T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77994
published_at	2026-04-08T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77999
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14977

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=103045
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=103045

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500344
reference_id	1500344
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500344

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877952
reference_id	877952
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877952

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2017-14977

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9865.json

reference_url	https://security.gentoo.org/glsa/201804-03
reference_id	GLSA-201804-03
reference_type
scores
url	https://security.gentoo.org/glsa/201804-03

reference_url	https://usn.ubuntu.com/3440-1/
reference_id	USN-3440-1
reference_type
scores
url	https://usn.ubuntu.com/3440-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14977

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ex2h-ahg3-s7b9

url VCID-gt34-muf6-abc7

vulnerability_id VCID-gt34-muf6-abc7

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which could allow the execution of arbitrary code.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9865.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9865

reference_id

reference_type

scores

value	0.0076
scoring_system	epss
scoring_elements	0.73288
published_at	2026-04-01T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73389
published_at	2026-04-18T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73338
published_at	2026-04-13T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73381
published_at	2026-04-16T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73297
published_at	2026-04-02T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73321
published_at	2026-04-04T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73293
published_at	2026-04-07T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73329
published_at	2026-04-08T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73342
published_at	2026-04-09T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73366
published_at	2026-04-11T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73346
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9865

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1466435
reference_id	1466435
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1466435

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867477
reference_id	867477
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867477

reference_url	https://security.gentoo.org/glsa/201801-17
reference_id	GLSA-201801-17
reference_type
scores
url	https://security.gentoo.org/glsa/201801-17

reference_url	https://usn.ubuntu.com/4042-1/
reference_id	USN-4042-1
reference_type
scores
url	https://usn.ubuntu.com/4042-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-9865

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gt34-muf6-abc7

url VCID-h1ka-xthk-rug9

vulnerability_id VCID-h1ka-xthk-rug9

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14518.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14518.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14518

reference_id

reference_type

scores

value	0.00272
scoring_system	epss
scoring_elements	0.50673
published_at	2026-04-18T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.5064
published_at	2026-04-12T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50625
published_at	2026-04-13T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50667
published_at	2026-04-16T12:55:00Z

value	0.00348
scoring_system	epss
scoring_elements	0.5724
published_at	2026-04-01T12:55:00Z

value	0.00348
scoring_system	epss
scoring_elements	0.57322
published_at	2026-04-02T12:55:00Z

value	0.00348
scoring_system	epss
scoring_elements	0.57345
published_at	2026-04-04T12:55:00Z

value	0.00348
scoring_system	epss
scoring_elements	0.57321
published_at	2026-04-07T12:55:00Z

value	0.00348
scoring_system	epss
scoring_elements	0.57372
published_at	2026-04-08T12:55:00Z

value	0.00348
scoring_system	epss
scoring_elements	0.57374
published_at	2026-04-09T12:55:00Z

value	0.00348
scoring_system	epss
scoring_elements	0.5739
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14518

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=102688
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=102688

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1499163
reference_id	1499163
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1499163

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876082
reference_id	876082
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876082

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url

reference_id

CVE-2017-14518

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38784.json

reference_url	https://usn.ubuntu.com/3440-1/
reference_id	USN-3440-1
reference_type
scores
url	https://usn.ubuntu.com/3440-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14518

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h1ka-xthk-rug9

url VCID-h3q1-dbx2-hubv

vulnerability_id VCID-h3q1-dbx2-hubv

summary A vulnerability has been discovered in Poppler which could allow for arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38784.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-38784

reference_id

reference_type

scores

value	0.00084
scoring_system	epss
scoring_elements	0.24499
published_at	2026-04-18T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24494
published_at	2026-04-13T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24506
published_at	2026-04-16T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24652
published_at	2026-04-02T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24689
published_at	2026-04-04T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24461
published_at	2026-04-07T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24531
published_at	2026-04-08T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24575
published_at	2026-04-09T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24591
published_at	2026-04-11T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24547
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-38784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018971
reference_id	1018971
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018971

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2124527
reference_id	2124527
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2124527

reference_url

reference_id

AVG-2812

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14929.json

reference_url	https://security.gentoo.org/glsa/202209-21
reference_id	GLSA-202209-21
reference_type
scores
url	https://security.gentoo.org/glsa/202209-21

reference_url	https://access.redhat.com/errata/RHSA-2023:2259
reference_id	RHSA-2023:2259
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2259

reference_url	https://access.redhat.com/errata/RHSA-2023:2810
reference_id	RHSA-2023:2810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2810

reference_url	https://usn.ubuntu.com/5606-1/
reference_id	USN-5606-1
reference_type
scores
url	https://usn.ubuntu.com/5606-1/

fixed_packages

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1

aliases CVE-2022-38784

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h3q1-dbx2-hubv

url VCID-hf11-8tk1-5kc4

vulnerability_id VCID-hf11-8tk1-5kc4

summary poppler: Memory corruption via Gfx.cc infinite loop

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14929.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14929

reference_id

reference_type

scores

value	0.00192
scoring_system	epss
scoring_elements	0.41142
published_at	2026-04-18T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41145
published_at	2026-04-12T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41128
published_at	2026-04-13T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41171
published_at	2026-04-16T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64642
published_at	2026-04-02T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64629
published_at	2026-04-07T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64677
published_at	2026-04-08T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64693
published_at	2026-04-09T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64709
published_at	2026-04-11T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64589
published_at	2026-04-01T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64671
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14929

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=102969
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=102969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14929
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14929

reference_url	https://www.debian.org/security/2018/dsa-4097
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4097

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1499167
reference_id	1499167
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1499167

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877222
reference_id	877222
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877222

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-14929

reference_id

CVE-2017-14929

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-14929

reference_url	https://usn.ubuntu.com/3440-1/
reference_id	USN-3440-1
reference_type
scores
url	https://usn.ubuntu.com/3440-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14929

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hf11-8tk1-5kc4

url VCID-hmbq-4c5b-ukd7

vulnerability_id VCID-hmbq-4c5b-ukd7

summary poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20481

reference_id

reference_type

scores

value	0.0119
scoring_system	epss
scoring_elements	0.78778
published_at	2026-04-01T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78853
published_at	2026-04-18T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78837
published_at	2026-04-12T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78828
published_at	2026-04-13T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78856
published_at	2026-04-16T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78785
published_at	2026-04-02T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78816
published_at	2026-04-04T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78799
published_at	2026-04-07T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78825
published_at	2026-04-08T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78831
published_at	2026-04-09T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78854
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/692
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/692

reference_url	https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143

reference_url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html

reference_url	http://www.securityfocus.com/bid/106321
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106321

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1665266
reference_id	1665266
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1665266

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325
reference_id	917325
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-20481

reference_id

CVE-2018-20481

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-20481

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://usn.ubuntu.com/3865-1/
reference_id	USN-3865-1
reference_type
scores
url	https://usn.ubuntu.com/3865-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2018-20481

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hmbq-4c5b-ukd7

url VCID-hszt-6bxr-syfe

vulnerability_id VCID-hszt-6bxr-syfe

summary poppler: Floating point exception in the ImageStream class

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14617.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14617.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14617

reference_id

reference_type

scores

value	0.00525
scoring_system	epss
scoring_elements	0.66908
published_at	2026-04-01T12:55:00Z

value	0.00525
scoring_system	epss
scoring_elements	0.67031
published_at	2026-04-18T12:55:00Z

value	0.00525
scoring_system	epss
scoring_elements	0.67028
published_at	2026-04-11T12:55:00Z

value	0.00525
scoring_system	epss
scoring_elements	0.67014
published_at	2026-04-12T12:55:00Z

value	0.00525
scoring_system	epss
scoring_elements	0.66983
published_at	2026-04-13T12:55:00Z

value	0.00525
scoring_system	epss
scoring_elements	0.67016
published_at	2026-04-16T12:55:00Z

value	0.00525
scoring_system	epss
scoring_elements	0.66946
published_at	2026-04-07T12:55:00Z

value	0.00525
scoring_system	epss
scoring_elements	0.66972
published_at	2026-04-04T12:55:00Z

value	0.00525
scoring_system	epss
scoring_elements	0.66996
published_at	2026-04-08T12:55:00Z

value	0.00525
scoring_system	epss
scoring_elements	0.67008
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14617

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=102854
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=102854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14617

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:N/I:N/A:P

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1499905
reference_id	1499905
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1499905

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876385
reference_id	876385
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876385

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-14617

reference_id

CVE-2017-14617

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-14617

reference_url	https://usn.ubuntu.com/3440-1/
reference_id	USN-3440-1
reference_type
scores
url	https://usn.ubuntu.com/3440-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14617

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hszt-6bxr-syfe

url VCID-jauh-5qga-hucw

vulnerability_id VCID-jauh-5qga-hucw

summary poppler: Stack exhaustion due to infinite recursive call in pdfunite

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7515.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7515.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7515

reference_id

reference_type

scores

value	0.00216
scoring_system	epss
scoring_elements	0.44077
published_at	2026-04-01T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.44184
published_at	2026-04-18T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.44132
published_at	2026-04-13T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.44193
published_at	2026-04-16T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.44141
published_at	2026-04-02T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.44164
published_at	2026-04-04T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.44095
published_at	2026-04-07T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.44146
published_at	2026-04-08T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.44149
published_at	2026-04-09T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.44165
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7515

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7515
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7515

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:N/I:N/A:P

value	2.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1459066
reference_id	1459066
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1459066

reference_url	https://usn.ubuntu.com/3350-1/
reference_id	USN-3350-1
reference_type
scores
url	https://usn.ubuntu.com/3350-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-7515

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jauh-5qga-hucw

url VCID-jc37-xtrj-p3cm

vulnerability_id VCID-jc37-xtrj-p3cm

summary poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20662

reference_id

reference_type

scores

value	0.0059
scoring_system	epss
scoring_elements	0.69132
published_at	2026-04-01T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.69245
published_at	2026-04-18T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.69226
published_at	2026-04-12T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.69198
published_at	2026-04-13T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.69237
published_at	2026-04-16T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.69148
published_at	2026-04-02T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.69169
published_at	2026-04-04T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.6915
published_at	2026-04-07T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.692
published_at	2026-04-08T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.69218
published_at	2026-04-09T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.6924
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20662

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/commit/9fd5ec0e6e5f763b190f2a55ceb5427cfe851d5f
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/commit/9fd5ec0e6e5f763b190f2a55ceb5427cfe851d5f

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/706
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/706

reference_url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1665273
reference_id	1665273
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1665273

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158
reference_id	918158
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-20662

reference_id

CVE-2018-20662

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-20662

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://usn.ubuntu.com/4042-1/
reference_id	USN-4042-1
reference_type
scores
url	https://usn.ubuntu.com/4042-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2018-20662

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jc37-xtrj-p3cm

url VCID-jd42-3thk-rqhr

vulnerability_id VCID-jd42-3thk-rqhr

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which could allow the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9406.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9406.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9406

reference_id

reference_type

scores

value	0.01046
scoring_system	epss
scoring_elements	0.77441
published_at	2026-04-01T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77531
published_at	2026-04-18T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77495
published_at	2026-04-13T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77534
published_at	2026-04-16T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77447
published_at	2026-04-02T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77472
published_at	2026-04-04T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77453
published_at	2026-04-07T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77482
published_at	2026-04-08T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77492
published_at	2026-04-09T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77517
published_at	2026-04-11T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77498
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1458701
reference_id	1458701
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1458701

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864010
reference_id	864010
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864010

reference_url	https://security.gentoo.org/glsa/201801-17
reference_id	GLSA-201801-17
reference_type
scores
url	https://security.gentoo.org/glsa/201801-17

reference_url	https://usn.ubuntu.com/3350-1/
reference_id	USN-3350-1
reference_type
scores
url	https://usn.ubuntu.com/3350-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-9406

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jd42-3thk-rqhr

url VCID-jw5j-xk5g-v3b1

vulnerability_id VCID-jw5j-xk5g-v3b1

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which could allow a Denial of Service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000456.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000456.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000456

reference_id

reference_type

scores

value	0.00719
scoring_system	epss
scoring_elements	0.72411
published_at	2026-04-07T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72508
published_at	2026-04-18T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72467
published_at	2026-04-12T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72457
published_at	2026-04-13T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72499
published_at	2026-04-16T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72416
published_at	2026-04-02T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72434
published_at	2026-04-04T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72449
published_at	2026-04-08T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72462
published_at	2026-04-09T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72485
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000456

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=103116
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=103116

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00001.html

reference_url	https://www.debian.org/security/2018/dsa-4097
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4097

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1531382
reference_id	1531382
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1531382

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.60.1:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.60.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.60.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2017-1000456

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18839.json

reference_url	https://security.gentoo.org/glsa/201804-03
reference_id	GLSA-201804-03
reference_type
scores
url	https://security.gentoo.org/glsa/201804-03

reference_url	https://usn.ubuntu.com/3517-1/
reference_id	USN-3517-1
reference_type
scores
url	https://usn.ubuntu.com/3517-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-1000456

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jw5j-xk5g-v3b1

url VCID-k1uz-1eqt-pbc6

vulnerability_id VCID-k1uz-1eqt-pbc6

summary poppler: buffer overflow in HtmlOutputDev::page

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18839.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-18839

reference_id

reference_type

scores

value	0.00182
scoring_system	epss
scoring_elements	0.39864
published_at	2026-04-01T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.40012
published_at	2026-04-02T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39999
published_at	2026-04-18T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39978
published_at	2026-04-13T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.40028
published_at	2026-04-16T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.40038
published_at	2026-04-04T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39958
published_at	2026-04-07T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.40011
published_at	2026-04-08T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.40025
published_at	2026-04-09T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.40035
published_at	2026-04-11T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39998
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-18839

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18839
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18839

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2234524
reference_id	2234524
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2234524

reference_url

https://gitlab.freedesktop.org/poppler/poppler/issues/742

reference_id

742

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T16:29:54Z/

url

https://gitlab.freedesktop.org/poppler/poppler/issues/742

fixed_packages

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1

aliases CVE-2020-18839

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k1uz-1eqt-pbc6

url VCID-kf69-av43-wffs

vulnerability_id VCID-kf69-av43-wffs

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which could allow a Denial of Service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14976.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14976.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14976

reference_id

reference_type

scores

value	0.01093
scoring_system	epss
scoring_elements	0.77912
published_at	2026-04-01T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.78004
published_at	2026-04-18T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.7796
published_at	2026-04-09T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.77987
published_at	2026-04-11T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.7797
published_at	2026-04-12T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.77969
published_at	2026-04-13T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.77919
published_at	2026-04-02T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.77946
published_at	2026-04-04T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.77929
published_at	2026-04-07T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.77956
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14976

reference_url	https://bugzilla.freedesktop.org/show_bug.cgi?id=102724
reference_id
reference_type
scores
url	https://bugzilla.freedesktop.org/show_bug.cgi?id=102724

reference_url	https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf
reference_id
reference_type
scores
url	https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500345
reference_id	1500345
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500345

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877954
reference_id	877954
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877954

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2017-14976

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9776.json

reference_url	https://security.gentoo.org/glsa/201804-03
reference_id	GLSA-201804-03
reference_type
scores
url	https://security.gentoo.org/glsa/201804-03

reference_url	https://usn.ubuntu.com/3517-1/
reference_id	USN-3517-1
reference_type
scores
url	https://usn.ubuntu.com/3517-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14976

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kf69-av43-wffs

url VCID-kwa4-641f-ducs

vulnerability_id VCID-kwa4-641f-ducs

summary security update

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9776.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9776

reference_id

reference_type

scores

value	0.01248
scoring_system	epss
scoring_elements	0.79262
published_at	2026-04-01T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79334
published_at	2026-04-18T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79322
published_at	2026-04-12T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.7931
published_at	2026-04-13T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79337
published_at	2026-04-16T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79269
published_at	2026-04-02T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79293
published_at	2026-04-04T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79279
published_at	2026-04-07T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79304
published_at	2026-04-08T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79314
published_at	2026-04-09T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79338
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1466443
reference_id	1466443
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1466443

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865679
reference_id	865679
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865679

reference_url	https://security.archlinux.org/ASA-201706-33
reference_id	ASA-201706-33
reference_type
scores
url	https://security.archlinux.org/ASA-201706-33

reference_url

reference_id

AVG-326

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14519.json

reference_url	https://access.redhat.com/errata/RHSA-2017:2550
reference_id	RHSA-2017:2550
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2550

reference_url	https://access.redhat.com/errata/RHSA-2017:2551
reference_id	RHSA-2017:2551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2551

reference_url	https://usn.ubuntu.com/3440-1/
reference_id	USN-3440-1
reference_type
scores
url	https://usn.ubuntu.com/3440-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-9776

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kwa4-641f-ducs

url VCID-mqt3-g77k-xqer

vulnerability_id VCID-mqt3-g77k-xqer

summary security update

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14519.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14519

reference_id

reference_type

scores

value	0.00123
scoring_system	epss
scoring_elements	0.31461
published_at	2026-04-18T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31485
published_at	2026-04-12T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31448
published_at	2026-04-13T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31482
published_at	2026-04-16T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62826
published_at	2026-04-01T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62884
published_at	2026-04-02T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62914
published_at	2026-04-04T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62878
published_at	2026-04-07T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62929
published_at	2026-04-08T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62945
published_at	2026-04-09T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62963
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14519

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=102701
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=102701

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1499165
reference_id	1499165
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1499165

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876086
reference_id	876086
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876086

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url

reference_id

CVE-2017-14519

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12293.json

reference_url	https://usn.ubuntu.com/3433-1/
reference_id	USN-3433-1
reference_type
scores
url	https://usn.ubuntu.com/3433-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14519

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mqt3-g77k-xqer

url VCID-myjj-5fsv-sybj

vulnerability_id VCID-myjj-5fsv-sybj

summary poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc

references

reference_url

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12293.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-12293

reference_id

reference_type

scores

value	0.00948
scoring_system	epss
scoring_elements	0.76282
published_at	2026-04-01T12:55:00Z

value	0.00948
scoring_system	epss
scoring_elements	0.76286
published_at	2026-04-02T12:55:00Z

value	0.00948
scoring_system	epss
scoring_elements	0.76316
published_at	2026-04-04T12:55:00Z

value	0.00948
scoring_system	epss
scoring_elements	0.76295
published_at	2026-04-07T12:55:00Z

value	0.00948
scoring_system	epss
scoring_elements	0.76328
published_at	2026-04-08T12:55:00Z

value	0.00948
scoring_system	epss
scoring_elements	0.76342
published_at	2026-04-13T12:55:00Z

value	0.00948
scoring_system	epss
scoring_elements	0.76369
published_at	2026-04-11T12:55:00Z

value	0.00948
scoring_system	epss
scoring_elements	0.76347
published_at	2026-04-12T12:55:00Z

value	0.00948
scoring_system	epss
scoring_elements	0.76382
published_at	2026-04-16T12:55:00Z

value	0.00948
scoring_system	epss
scoring_elements	0.76388
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12293

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12293
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12293

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1713582
reference_id	1713582
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1713582

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929423
reference_id	929423
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929423

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://access.redhat.com/errata/RHSA-2020:1074
reference_id	RHSA-2020:1074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1074

reference_url	https://usn.ubuntu.com/4042-1/
reference_id	USN-4042-1
reference_type
scores
url	https://usn.ubuntu.com/4042-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2019-12293

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-myjj-5fsv-sybj

url VCID-n1sx-y7xc-kqfb

vulnerability_id VCID-n1sx-y7xc-kqfb

summary poppler: NULL pointer dereference in `FoFiType1C::convertToType1`

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36024.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36024.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36024

reference_id

reference_type

scores

value	0.00095
scoring_system	epss
scoring_elements	0.26431
published_at	2026-04-11T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26481
published_at	2026-04-02T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26308
published_at	2026-04-18T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26385
published_at	2026-04-12T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26327
published_at	2026-04-13T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26335
published_at	2026-04-16T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26524
published_at	2026-04-04T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26305
published_at	2026-04-07T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26373
published_at	2026-04-08T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26423
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36024

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016

reference_id

1016

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:56:32Z/

url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2231520
reference_id	2231520
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2231520

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html

reference_id

msg00017.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:56:32Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html

reference_url	https://access.redhat.com/errata/RHSA-2024:2979
reference_id	RHSA-2024:2979
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2979

reference_url	https://usn.ubuntu.com/6299-1/
reference_id	USN-6299-1
reference_type
scores
url	https://usn.ubuntu.com/6299-1/

fixed_packages

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1

aliases CVE-2020-36024

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n1sx-y7xc-kqfb

url VCID-ncat-8jz5-m7e5

vulnerability_id VCID-ncat-8jz5-m7e5

summary An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10018

reference_id

reference_type

scores

value	0.00323
scoring_system	epss
scoring_elements	0.55404
published_at	2026-04-16T12:55:00Z

value	0.00323
scoring_system	epss
scoring_elements	0.55387
published_at	2026-04-12T12:55:00Z

value	0.00323
scoring_system	epss
scoring_elements	0.55368
published_at	2026-04-13T12:55:00Z

value	0.00323
scoring_system	epss
scoring_elements	0.55246
published_at	2026-04-01T12:55:00Z

value	0.00323
scoring_system	epss
scoring_elements	0.55345
published_at	2026-04-02T12:55:00Z

value	0.00323
scoring_system	epss
scoring_elements	0.55369
published_at	2026-04-04T12:55:00Z

value	0.00323
scoring_system	epss
scoring_elements	0.55347
published_at	2026-04-07T12:55:00Z

value	0.00323
scoring_system	epss
scoring_elements	0.55398
published_at	2026-04-09T12:55:00Z

value	0.00323
scoring_system	epss
scoring_elements	0.55408
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10018

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10018
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10018

reference_url	https://forum.xpdfreader.com/viewtopic.php?f=3&t=41276
reference_id
reference_type
scores
url	https://forum.xpdfreader.com/viewtopic.php?f=3&t=41276

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926133
reference_id	926133
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926133

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:4.01.01:::::::*
reference_id	cpe:2.3:a:xpdfreader:xpdf:4.01.01:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:4.01.01:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10018

reference_id

CVE-2019-10018

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10018

reference_url	https://usn.ubuntu.com/4042-1/
reference_id	USN-4042-1
reference_type
scores
url	https://usn.ubuntu.com/4042-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2019-10018

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ncat-8jz5-m7e5

url VCID-nqqu-29qr-wfec

vulnerability_id VCID-nqqu-29qr-wfec

summary poppler: reachable assertion due to a failure in markObject()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37052.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37052.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-37052

reference_id

reference_type

scores

value	0.00027
scoring_system	epss
scoring_elements	0.07427
published_at	2026-04-02T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07418
published_at	2026-04-18T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.0752
published_at	2026-04-12T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07507
published_at	2026-04-13T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07429
published_at	2026-04-16T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07469
published_at	2026-04-04T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07451
published_at	2026-04-07T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07509
published_at	2026-04-08T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07532
published_at	2026-04-09T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07534
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-37052

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37052
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37052

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278

reference_id

1278

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:06:03Z/

url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2234530
reference_id	2234530
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2234530

reference_url

https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c

reference_id

8677500399fc2548fa816b619580c2c07915a98c

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:06:03Z/

url

https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c

reference_url	https://usn.ubuntu.com/6508-1/
reference_id	USN-6508-1
reference_type
scores
url	https://usn.ubuntu.com/6508-1/

fixed_packages

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1

aliases CVE-2022-37052

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nqqu-29qr-wfec

url VCID-pc5k-98kh-suce

vulnerability_id VCID-pc5k-98kh-suce

summary poppler: NULL pointer dereference in the AnnotRichMedia::Configuration::Configuration

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14928.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14928.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14928

reference_id

reference_type

scores

value	0.00173
scoring_system	epss
scoring_elements	0.38669
published_at	2026-04-18T12:55:00Z

value	0.00173
scoring_system	epss
scoring_elements	0.3867
published_at	2026-04-12T12:55:00Z

value	0.00173
scoring_system	epss
scoring_elements	0.38643
published_at	2026-04-13T12:55:00Z

value	0.00173
scoring_system	epss
scoring_elements	0.38691
published_at	2026-04-16T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52395
published_at	2026-04-01T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.5244
published_at	2026-04-02T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52468
published_at	2026-04-04T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52433
published_at	2026-04-07T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52486
published_at	2026-04-08T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.5248
published_at	2026-04-09T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52531
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14928

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=102607
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=102607

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14928

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:C

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500322
reference_id	1500322
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500322

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877231
reference_id	877231
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877231

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-14928

reference_id

CVE-2017-14928

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-14928

reference_url	https://usn.ubuntu.com/3440-1/
reference_id	USN-3440-1
reference_type
scores
url	https://usn.ubuntu.com/3440-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14928

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pc5k-98kh-suce

url VCID-qdcv-xd8k-8qbu

vulnerability_id VCID-qdcv-xd8k-8qbu

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which could allow a Denial of Service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19149.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19149.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19149

reference_id

reference_type

scores

value	0.00261
scoring_system	epss
scoring_elements	0.49446
published_at	2026-04-01T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49474
published_at	2026-04-02T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.495
published_at	2026-04-04T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49453
published_at	2026-04-07T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49508
published_at	2026-04-08T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49504
published_at	2026-04-09T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49521
published_at	2026-04-11T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49493
published_at	2026-04-12T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49495
published_at	2026-04-13T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49542
published_at	2026-04-16T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.4954
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19149

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1649457
reference_id	1649457
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1649457

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914600
reference_id	914600
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914600

reference_url	https://security.gentoo.org/glsa/201904-04
reference_id	GLSA-201904-04
reference_type
scores
url	https://security.gentoo.org/glsa/201904-04

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://usn.ubuntu.com/3837-1/
reference_id	USN-3837-1
reference_type
scores
url	https://usn.ubuntu.com/3837-1/

reference_url	https://usn.ubuntu.com/3837-2/
reference_id	USN-3837-2
reference_type
scores
url	https://usn.ubuntu.com/3837-2/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2018-19149

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qdcv-xd8k-8qbu

url VCID-qjj9-dejh-vuaq

vulnerability_id VCID-qjj9-dejh-vuaq

summary poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service

references

reference_url	https://access.redhat.com/errata/RHBA-2019:0327
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHBA-2019:0327

reference_url	https://access.redhat.com/errata/RHSA-2018:3505
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3505

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18267.json

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18267.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-18267

reference_id

reference_type

scores

value	0.00274
scoring_system	epss
scoring_elements	0.50793
published_at	2026-04-01T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50935
published_at	2026-04-18T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50929
published_at	2026-04-16T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50907
published_at	2026-04-12T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50891
published_at	2026-04-13T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50848
published_at	2026-04-02T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50874
published_at	2026-04-04T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50832
published_at	2026-04-07T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50889
published_at	2026-04-08T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50887
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-18267

reference_url	https://bugzilla.freedesktop.org/show_bug.cgi?id=103238
reference_id
reference_type
scores
url	https://bugzilla.freedesktop.org/show_bug.cgi?id=103238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18267
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18267

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1578777
reference_id	1578777
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1578777

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898357
reference_id	898357
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898357

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler::::::::
reference_id	cpe:2.3:a:freedesktop:poppler::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:::::::*
reference_id	cpe:2.3:a:redhat:ansible_tower:3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-18267

reference_id

CVE-2017-18267

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-18267

reference_url	https://access.redhat.com/errata/RHSA-2018:3140
reference_id	RHSA-2018:3140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3140

reference_url	https://usn.ubuntu.com/3647-1/
reference_id	USN-3647-1
reference_type
scores
url	https://usn.ubuntu.com/3647-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-18267

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qjj9-dejh-vuaq

url VCID-qpwe-7kfy-pyb8

vulnerability_id VCID-qpwe-7kfy-pyb8

summary poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-7310

reference_id

reference_type

scores

value	0.003
scoring_system	epss
scoring_elements	0.5322
published_at	2026-04-01T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53344
published_at	2026-04-18T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53333
published_at	2026-04-11T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53318
published_at	2026-04-12T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53301
published_at	2026-04-13T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53339
published_at	2026-04-16T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53244
published_at	2026-04-02T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53269
published_at	2026-04-04T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53236
published_at	2026-04-07T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53289
published_at	2026-04-08T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53283
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-7310

reference_url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797
reference_id
reference_type
scores
url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/717
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/717

reference_url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/

reference_url	http://www.securityfocus.com/bid/106829
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106829

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1672419
reference_id	1672419
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1672419

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215
reference_id	921215
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215

reference_url

https://security.archlinux.org/AVG-869

reference_id

AVG-869

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-869

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.73.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.73.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.73.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-7310

reference_id

CVE-2019-7310

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-7310

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://usn.ubuntu.com/3886-1/
reference_id	USN-3886-1
reference_type
scores
url	https://usn.ubuntu.com/3886-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2019-7310

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qpwe-7kfy-pyb8

url VCID-qsy6-em2u-cyd2

vulnerability_id VCID-qsy6-em2u-cyd2

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15565.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15565.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15565

reference_id

reference_type

scores

value	0.00617
scoring_system	epss
scoring_elements	0.69878
published_at	2026-04-01T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69994
published_at	2026-04-18T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.6994
published_at	2026-04-13T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69984
published_at	2026-04-16T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.6989
published_at	2026-04-02T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69905
published_at	2026-04-04T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69882
published_at	2026-04-07T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.6993
published_at	2026-04-08T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69946
published_at	2026-04-09T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.6997
published_at	2026-04-11T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69954
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15565

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=103016
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=103016

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1510977
reference_id	1510977
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1510977

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879066
reference_id	879066
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879066

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2017-15565

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27337.json

reference_url	https://usn.ubuntu.com/3467-1/
reference_id	USN-3467-1
reference_type
scores
url	https://usn.ubuntu.com/3467-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-15565

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qsy6-em2u-cyd2

url VCID-qtb6-gvjp-cqbq

vulnerability_id VCID-qtb6-gvjp-cqbq

summary Multiple vulnerabilities have been discovered in Poppler, the worst of which could lead to execution of arbitrary code.

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27337.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-27337

reference_id

reference_type

scores

value	0.00237
scoring_system	epss
scoring_elements	0.46851
published_at	2026-04-18T12:55:00Z

value	0.00237
scoring_system	epss
scoring_elements	0.46798
published_at	2026-04-13T12:55:00Z

value	0.00237
scoring_system	epss
scoring_elements	0.46854
published_at	2026-04-16T12:55:00Z

value	0.00237
scoring_system	epss
scoring_elements	0.46773
published_at	2026-04-02T12:55:00Z

value	0.00237
scoring_system	epss
scoring_elements	0.46793
published_at	2026-04-04T12:55:00Z

value	0.00237
scoring_system	epss
scoring_elements	0.46742
published_at	2026-04-07T12:55:00Z

value	0.00237
scoring_system	epss
scoring_elements	0.46797
published_at	2026-04-08T12:55:00Z

value	0.00237
scoring_system	epss
scoring_elements	0.46796
published_at	2026-04-09T12:55:00Z

value	0.00237
scoring_system	epss
scoring_elements	0.46819
published_at	2026-04-11T12:55:00Z

value	0.00237
scoring_system	epss
scoring_elements	0.46791
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-27337

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010695
reference_id	1010695
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010695

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2087190
reference_id	2087190
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2087190

reference_url

reference_id

AVG-2812

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10871.json

reference_url	https://security.gentoo.org/glsa/202509-01
reference_id	GLSA-202509-01
reference_type
scores
url	https://security.gentoo.org/glsa/202509-01

reference_url	https://access.redhat.com/errata/RHSA-2022:7594
reference_id	RHSA-2022:7594
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7594

reference_url	https://access.redhat.com/errata/RHSA-2022:8151
reference_id	RHSA-2022:8151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8151

reference_url	https://usn.ubuntu.com/6273-1/
reference_id	USN-6273-1
reference_type
scores
url	https://usn.ubuntu.com/6273-1/

reference_url	https://usn.ubuntu.com/7687-1/
reference_id	USN-7687-1
reference_type
scores
url	https://usn.ubuntu.com/7687-1/

fixed_packages

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1

aliases CVE-2022-27337

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qtb6-gvjp-cqbq

url VCID-s3q2-uvnc-wfep

vulnerability_id VCID-s3q2-uvnc-wfep

summary poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc

references

reference_url

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10871.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10871

reference_id

reference_type

scores

value	0.00628
scoring_system	epss
scoring_elements	0.70182
published_at	2026-04-01T12:55:00Z

value	0.00628
scoring_system	epss
scoring_elements	0.70295
published_at	2026-04-18T12:55:00Z

value	0.00628
scoring_system	epss
scoring_elements	0.70257
published_at	2026-04-12T12:55:00Z

value	0.00628
scoring_system	epss
scoring_elements	0.70244
published_at	2026-04-13T12:55:00Z

value	0.00628
scoring_system	epss
scoring_elements	0.70286
published_at	2026-04-16T12:55:00Z

value	0.00628
scoring_system	epss
scoring_elements	0.70194
published_at	2026-04-02T12:55:00Z

value	0.00628
scoring_system	epss
scoring_elements	0.70211
published_at	2026-04-04T12:55:00Z

value	0.00628
scoring_system	epss
scoring_elements	0.70188
published_at	2026-04-07T12:55:00Z

value	0.00628
scoring_system	epss
scoring_elements	0.70234
published_at	2026-04-08T12:55:00Z

value	0.00628
scoring_system	epss
scoring_elements	0.70249
published_at	2026-04-09T12:55:00Z

value	0.00628
scoring_system	epss
scoring_elements	0.70272
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10871

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10871
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10871

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/751
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/751

reference_url	https://lists.debian.org/debian-lts-announce/2019/10/msg00024.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/10/msg00024.html

reference_url	https://lists.debian.org/debian-lts-announce/2019/10/msg00025.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/10/msg00025.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/

reference_url	http://www.securityfocus.com/bid/107862
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107862

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1696636
reference_id	1696636
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1696636

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926529
reference_id	926529
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926529

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10871

reference_id

CVE-2019-10871

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10871

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://access.redhat.com/errata/RHSA-2020:1074
reference_id	RHSA-2020:1074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1074

reference_url	https://usn.ubuntu.com/4646-1/
reference_id	USN-4646-1
reference_type
scores
url	https://usn.ubuntu.com/4646-1/

fixed_packages

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1

aliases CVE-2019-10871

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s3q2-uvnc-wfep

url VCID-tfe8-bq62-3ke4

vulnerability_id VCID-tfe8-bq62-3ke4

summary Poppler: out-of-bounds read

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56378.json

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56378.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-56378

reference_id

reference_type

scores

value	0.00305
scoring_system	epss
scoring_elements	0.53783
published_at	2026-04-18T12:55:00Z

value	0.00305
scoring_system	epss
scoring_elements	0.53675
published_at	2026-04-07T12:55:00Z

value	0.00305
scoring_system	epss
scoring_elements	0.53728
published_at	2026-04-08T12:55:00Z

value	0.00305
scoring_system	epss
scoring_elements	0.53725
published_at	2026-04-09T12:55:00Z

value	0.00305
scoring_system	epss
scoring_elements	0.53774
published_at	2026-04-11T12:55:00Z

value	0.00305
scoring_system	epss
scoring_elements	0.53757
published_at	2026-04-12T12:55:00Z

value	0.00305
scoring_system	epss
scoring_elements	0.53741
published_at	2026-04-13T12:55:00Z

value	0.00305
scoring_system	epss
scoring_elements	0.53779
published_at	2026-04-16T12:55:00Z

value	0.00305
scoring_system	epss
scoring_elements	0.53679
published_at	2026-04-02T12:55:00Z

value	0.00305
scoring_system	epss
scoring_elements	0.53707
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-56378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56378

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091322
reference_id	1091322
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091322

reference_url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1553

reference_id

1553

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-26T19:27:24Z/

url

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1553

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2333794
reference_id	2333794
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2333794

reference_url

https://gitlab.freedesktop.org/poppler/poppler/-/commit/ade9b5ebed44b0c15522c27669ef6cdf93eff84e

reference_id

ade9b5ebed44b0c15522c27669ef6cdf93eff84e

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-26T19:27:24Z/

url

https://gitlab.freedesktop.org/poppler/poppler/-/commit/ade9b5ebed44b0c15522c27669ef6cdf93eff84e

reference_url

https://gitlab.freedesktop.org/poppler/poppler/-/blob/30eada0d2bceb42c2d2a87361339063e0b9bea50/CMakeLists.txt#L621

reference_id

CMakeLists.txt#L621

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-26T19:27:24Z/

url

https://gitlab.freedesktop.org/poppler/poppler/-/blob/30eada0d2bceb42c2d2a87361339063e0b9bea50/CMakeLists.txt#L621

reference_url	https://usn.ubuntu.com/7213-1/
reference_id	USN-7213-1
reference_type
scores
url	https://usn.ubuntu.com/7213-1/

fixed_packages

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1

aliases CVE-2024-56378

risk_score 2.0

exploitability 0.5

weighted_severity 4.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tfe8-bq62-3ke4

url VCID-tt3h-qbbv-zuev

vulnerability_id VCID-tt3h-qbbv-zuev

summary poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18897.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18897.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-18897

reference_id

reference_type

scores

value	0.0015
scoring_system	epss
scoring_elements	0.35609
published_at	2026-04-18T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35581
published_at	2026-04-13T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.3562
published_at	2026-04-16T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41626
published_at	2026-04-02T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.4158
published_at	2026-04-07T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.4163
published_at	2026-04-08T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41639
published_at	2026-04-09T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41663
published_at	2026-04-11T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41629
published_at	2026-04-12T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41536
published_at	2026-04-01T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41653
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-18897

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18897
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18897

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1646546
reference_id	1646546
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1646546

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913164
reference_id	913164
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913164

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://usn.ubuntu.com/4042-1/
reference_id	USN-4042-1
reference_type
scores
url	https://usn.ubuntu.com/4042-1/

fixed_packages

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1

aliases CVE-2018-18897

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tt3h-qbbv-zuev

url VCID-tu6x-7fgv-1ffu

vulnerability_id VCID-tu6x-7fgv-1ffu

summary poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9200

reference_id

reference_type

scores

value	0.05298
scoring_system	epss
scoring_elements	0.89978
published_at	2026-04-01T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.90037
published_at	2026-04-18T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.90029
published_at	2026-04-11T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.90027
published_at	2026-04-12T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.90021
published_at	2026-04-13T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.8998
published_at	2026-04-02T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.89993
published_at	2026-04-04T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.89998
published_at	2026-04-07T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.90014
published_at	2026-04-08T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.90019
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/728
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/728

reference_url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/

reference_url	https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/
reference_id
reference_type
scores
url	https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/

reference_url	http://www.securityfocus.com/bid/107172
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107172

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1683632
reference_id	1683632
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1683632

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414
reference_id	923414
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9200

reference_id

CVE-2019-9200

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9200

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://usn.ubuntu.com/3905-1/
reference_id	USN-3905-1
reference_type
scores
url	https://usn.ubuntu.com/3905-1/

reference_url	https://usn.ubuntu.com/4042-1/
reference_id	USN-4042-1
reference_type
scores
url	https://usn.ubuntu.com/4042-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2019-9200

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tu6x-7fgv-1ffu

url VCID-tzdq-9gfz-yud5

vulnerability_id VCID-tzdq-9gfz-yud5

summary poppler: null-pointer dereference in function SplashClip::clipAALine in splash/SplashClip.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10873.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10873.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10873

reference_id

reference_type

scores

value	0.00905
scoring_system	epss
scoring_elements	0.75676
published_at	2026-04-01T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75773
published_at	2026-04-18T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75739
published_at	2026-04-12T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75733
published_at	2026-04-13T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.7577
published_at	2026-04-16T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75679
published_at	2026-04-02T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.7571
published_at	2026-04-04T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75689
published_at	2026-04-07T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75723
published_at	2026-04-08T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75734
published_at	2026-04-09T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75758
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10873

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10873

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/748
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/748

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/

reference_url	http://www.securityfocus.com/bid/107862
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107862

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1696637
reference_id	1696637
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1696637

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926532
reference_id	926532
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926532

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10873

reference_id

CVE-2019-10873

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10873

reference_url	https://usn.ubuntu.com/4042-1/
reference_id	USN-4042-1
reference_type
scores
url	https://usn.ubuntu.com/4042-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2019-10873

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tzdq-9gfz-yud5

url VCID-wbyn-9mx6-a3gd

vulnerability_id VCID-wbyn-9mx6-a3gd

summary poppler: out-of-bounds read in EmbFile::save2 in FileSpec.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19059.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19059.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19059

reference_id

reference_type

scores

value	0.00129
scoring_system	epss
scoring_elements	0.3222
published_at	2026-04-01T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32355
published_at	2026-04-02T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32392
published_at	2026-04-04T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32217
published_at	2026-04-07T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32266
published_at	2026-04-08T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32295
published_at	2026-04-09T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32296
published_at	2026-04-11T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32258
published_at	2026-04-12T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32226
published_at	2026-04-13T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32261
published_at	2026-04-16T12:55:00Z

value	0.00129
scoring_system	epss
scoring_elements	0.32241
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19059

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19059
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19059

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1649440
reference_id	1649440
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1649440

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913180
reference_id	913180
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913180

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://usn.ubuntu.com/3837-1/
reference_id	USN-3837-1
reference_type
scores
url	https://usn.ubuntu.com/3837-1/

fixed_packages

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1

aliases CVE-2018-19059

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wbyn-9mx6-a3gd

url VCID-yyzk-7mqj-m7hq

vulnerability_id VCID-yyzk-7mqj-m7hq

summary poppler: infinite recursion in Parser::getObj function in Parser.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16646

reference_id

reference_type

scores

value	0.00681
scoring_system	epss
scoring_elements	0.71552
published_at	2026-04-01T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71559
published_at	2026-04-02T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71577
published_at	2026-04-04T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.7155
published_at	2026-04-07T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.7159
published_at	2026-04-08T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.716
published_at	2026-04-09T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71624
published_at	2026-04-11T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71608
published_at	2026-04-12T12:55:00Z

value	0.02049
scoring_system	epss
scoring_elements	0.83896
published_at	2026-04-18T12:55:00Z

value	0.02049
scoring_system	epss
scoring_elements	0.83862
published_at	2026-04-13T12:55:00Z

value	0.02049
scoring_system	epss
scoring_elements	0.83895
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16646

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1626618
reference_id	1626618
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1626618

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802
reference_id	909802
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://usn.ubuntu.com/3837-1/
reference_id	USN-3837-1
reference_type
scores
url	https://usn.ubuntu.com/3837-1/

reference_url	https://usn.ubuntu.com/3837-2/
reference_id	USN-3837-2
reference_type
scores
url	https://usn.ubuntu.com/3837-2/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2018-16646

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yyzk-7mqj-m7hq

url VCID-zgja-p6ey-2kex

vulnerability_id VCID-zgja-p6ey-2kex

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which could allow the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9408.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9408.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9408

reference_id

reference_type

scores

value	0.01046
scoring_system	epss
scoring_elements	0.77441
published_at	2026-04-01T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77531
published_at	2026-04-18T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77495
published_at	2026-04-13T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77534
published_at	2026-04-16T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77447
published_at	2026-04-02T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77472
published_at	2026-04-04T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77453
published_at	2026-04-07T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77482
published_at	2026-04-08T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77492
published_at	2026-04-09T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77517
published_at	2026-04-11T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77498
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:S/C:N/I:N/A:P

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1458702
reference_id	1458702
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1458702

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864009
reference_id	864009
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864009

reference_url	https://security.gentoo.org/glsa/201801-17
reference_id	GLSA-201801-17
reference_type
scores
url	https://security.gentoo.org/glsa/201801-17

reference_url	https://usn.ubuntu.com/3350-1/
reference_id	USN-3350-1
reference_type
scores
url	https://usn.ubuntu.com/3350-1/

fixed_packages

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-9408

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zgja-p6ey-2kex

url VCID-zzy2-1yr8-83cf

vulnerability_id VCID-zzy2-1yr8-83cf

summary poppler: reachable abort in Object.h

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19058.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19058.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19058

reference_id

reference_type

scores

value	0.00276
scoring_system	epss
scoring_elements	0.50976
published_at	2026-04-01T12:55:00Z

value	0.00276
scoring_system	epss
scoring_elements	0.51029
published_at	2026-04-02T12:55:00Z

value	0.00276
scoring_system	epss
scoring_elements	0.51054
published_at	2026-04-04T12:55:00Z

value	0.00276
scoring_system	epss
scoring_elements	0.51011
published_at	2026-04-07T12:55:00Z

value	0.00276
scoring_system	epss
scoring_elements	0.51068
published_at	2026-04-08T12:55:00Z

value	0.00276
scoring_system	epss
scoring_elements	0.51065
published_at	2026-04-09T12:55:00Z

value	0.00276
scoring_system	epss
scoring_elements	0.51108
published_at	2026-04-11T12:55:00Z

value	0.00276
scoring_system	epss
scoring_elements	0.51087
published_at	2026-04-12T12:55:00Z

value	0.00276
scoring_system	epss
scoring_elements	0.51071
published_at	2026-04-13T12:55:00Z

value	0.00276
scoring_system	epss
scoring_elements	0.5111
published_at	2026-04-16T12:55:00Z

value	0.00276
scoring_system	epss
scoring_elements	0.51116
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19058

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19058
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19058

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1649435
reference_id	1649435
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1649435

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913177
reference_id	913177
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913177

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://usn.ubuntu.com/3837-1/
reference_id	USN-3837-1
reference_type
scores
url	https://usn.ubuntu.com/3837-1/

fixed_packages

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1

aliases CVE-2018-19058

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zzy2-1yr8-83cf

Fixing_vulnerabilities

url VCID-3u3m-ru9u-buem

vulnerability_id VCID-3u3m-ru9u-buem

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9775.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9775.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9775

reference_id

reference_type

scores

value	0.00778
scoring_system	epss
scoring_elements	0.73589
published_at	2026-04-01T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73693
published_at	2026-04-18T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73648
published_at	2026-04-12T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.7364
published_at	2026-04-13T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73684
published_at	2026-04-16T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73598
published_at	2026-04-02T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73622
published_at	2026-04-04T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73594
published_at	2026-04-07T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.7363
published_at	2026-04-08T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73643
published_at	2026-04-09T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73666
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1466442
reference_id	1466442
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1466442

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865680
reference_id	865680
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865680

reference_url	https://security.archlinux.org/ASA-201706-33
reference_id	ASA-201706-33
reference_type
scores
url	https://security.archlinux.org/ASA-201706-33

reference_url

reference_id

AVG-326

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14520.json

reference_url	https://access.redhat.com/errata/RHSA-2017:2551
reference_id	RHSA-2017:2551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2551

reference_url	https://usn.ubuntu.com/3350-1/
reference_id	USN-3350-1
reference_type
scores
url	https://usn.ubuntu.com/3350-1/

fixed_packages

url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-ebyg-yhza-wkaq

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gfxh-3er7-zyam

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kre4-9v6u-3ked

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qmt5-gtpg-vbg2

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-9775

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3u3m-ru9u-buem

url VCID-44yv-r4hg-17db

vulnerability_id VCID-44yv-r4hg-17db

summary security update

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14520.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14520

reference_id

reference_type

scores

value	0.00223
scoring_system	epss
scoring_elements	0.45044
published_at	2026-04-18T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44956
published_at	2026-04-07T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.45008
published_at	2026-04-08T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.45009
published_at	2026-04-09T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.45031
published_at	2026-04-11T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44999
published_at	2026-04-12T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.45001
published_at	2026-04-13T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.45051
published_at	2026-04-16T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.51975
published_at	2026-04-02T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.51927
published_at	2026-04-01T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.52
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14520

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=102719
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=102719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1494582
reference_id	1494582
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1494582

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876081
reference_id	876081
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876081

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url

reference_id

CVE-2017-14520

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14517.json

reference_url	https://usn.ubuntu.com/3440-1/
reference_id	USN-3440-1
reference_type
scores
url	https://usn.ubuntu.com/3440-1/

fixed_packages

url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-ebyg-yhza-wkaq

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gfxh-3er7-zyam

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kre4-9v6u-3ked

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qmt5-gtpg-vbg2

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14520

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-44yv-r4hg-17db

url VCID-csqv-t3cr-4uap

vulnerability_id VCID-csqv-t3cr-4uap

summary security update

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14517.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14517

reference_id

reference_type

scores

value	0.00231
scoring_system	epss
scoring_elements	0.4595
published_at	2026-04-18T12:55:00Z

value	0.00231
scoring_system	epss
scoring_elements	0.45897
published_at	2026-04-12T12:55:00Z

value	0.00231
scoring_system	epss
scoring_elements	0.45904
published_at	2026-04-13T12:55:00Z

value	0.00231
scoring_system	epss
scoring_elements	0.45956
published_at	2026-04-16T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61293
published_at	2026-04-01T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61372
published_at	2026-04-02T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61401
published_at	2026-04-04T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.6137
published_at	2026-04-07T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61417
published_at	2026-04-08T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61433
published_at	2026-04-09T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61454
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14517

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=102687
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=102687

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	http://www.securityfocus.com/bid/105050
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/105050

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1499162
reference_id	1499162
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1499162

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876079
reference_id	876079
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876079

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url

reference_id

CVE-2017-14517

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12493

reference_url	https://usn.ubuntu.com/3433-1/
reference_id	USN-3433-1
reference_type
scores
url	https://usn.ubuntu.com/3433-1/

fixed_packages

url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-ebyg-yhza-wkaq

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gfxh-3er7-zyam

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kre4-9v6u-3ked

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qmt5-gtpg-vbg2

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14517

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-csqv-t3cr-4uap

url VCID-ebyg-yhza-wkaq

vulnerability_id VCID-ebyg-yhza-wkaq

summary A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data.

references

reference_url

reference_id

reference_type

scores

value	0.00295
scoring_system	epss
scoring_elements	0.52874
published_at	2026-04-18T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.52749
published_at	2026-04-01T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.52773
published_at	2026-04-02T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.52799
published_at	2026-04-04T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.52767
published_at	2026-04-07T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.52818
published_at	2026-04-08T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.52811
published_at	2026-04-09T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.52862
published_at	2026-04-11T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.52846
published_at	2026-04-12T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.5283
published_at	2026-04-13T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.52867
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12493

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12493

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

fixed_packages

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

aliases CVE-2019-12493

risk_score 0.9

exploitability 0.5

weighted_severity 1.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ebyg-yhza-wkaq

url VCID-ervb-318m-tygv

vulnerability_id VCID-ervb-318m-tygv

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which could allow a Denial of Service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14975.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14975.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14975

reference_id

reference_type

scores

value	0.01097
scoring_system	epss
scoring_elements	0.7795
published_at	2026-04-01T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78041
published_at	2026-04-18T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78026
published_at	2026-04-11T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78008
published_at	2026-04-12T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78007
published_at	2026-04-13T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78042
published_at	2026-04-16T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77957
published_at	2026-04-02T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77986
published_at	2026-04-04T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77967
published_at	2026-04-07T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77994
published_at	2026-04-08T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77999
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14975

reference_url	https://bugzilla.freedesktop.org/show_bug.cgi?id=102653
reference_id
reference_type
scores
url	https://bugzilla.freedesktop.org/show_bug.cgi?id=102653

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500343
reference_id	1500343
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500343

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877957
reference_id	877957
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877957

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2017-14975

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14977.json

reference_url	https://security.gentoo.org/glsa/201804-03
reference_id	GLSA-201804-03
reference_type
scores
url	https://security.gentoo.org/glsa/201804-03

reference_url	https://usn.ubuntu.com/3440-1/
reference_id	USN-3440-1
reference_type
scores
url	https://usn.ubuntu.com/3440-1/

fixed_packages

url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-ebyg-yhza-wkaq

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gfxh-3er7-zyam

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kre4-9v6u-3ked

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qmt5-gtpg-vbg2

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14975

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ervb-318m-tygv

url VCID-ex2h-ahg3-s7b9

vulnerability_id VCID-ex2h-ahg3-s7b9

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which could allow a Denial of Service.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14977.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14977

reference_id

reference_type

scores

value	0.01097
scoring_system	epss
scoring_elements	0.7795
published_at	2026-04-01T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78041
published_at	2026-04-18T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78026
published_at	2026-04-11T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78008
published_at	2026-04-12T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78007
published_at	2026-04-13T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.78042
published_at	2026-04-16T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77957
published_at	2026-04-02T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77986
published_at	2026-04-04T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77967
published_at	2026-04-07T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77994
published_at	2026-04-08T12:55:00Z

value	0.01097
scoring_system	epss
scoring_elements	0.77999
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14977

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=103045
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=103045

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500344
reference_id	1500344
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500344

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877952
reference_id	877952
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877952

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2017-14977

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12360.json

reference_url	https://security.gentoo.org/glsa/201804-03
reference_id	GLSA-201804-03
reference_type
scores
url	https://security.gentoo.org/glsa/201804-03

reference_url	https://usn.ubuntu.com/3440-1/
reference_id	USN-3440-1
reference_type
scores
url	https://usn.ubuntu.com/3440-1/

fixed_packages

url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-ebyg-yhza-wkaq

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gfxh-3er7-zyam

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kre4-9v6u-3ked

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qmt5-gtpg-vbg2

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14977

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ex2h-ahg3-s7b9

url VCID-gfxh-3er7-zyam

vulnerability_id VCID-gfxh-3er7-zyam

summary xpdf: buffer over-read via crafted PDF document leads to DoS or memory leak

references

reference_url

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12360.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-12360

reference_id

reference_type

scores

value	0.00351
scoring_system	epss
scoring_elements	0.57463
published_at	2026-04-01T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57547
published_at	2026-04-02T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57568
published_at	2026-04-04T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57543
published_at	2026-04-07T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57596
published_at	2026-04-08T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.576
published_at	2026-04-09T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57615
published_at	2026-04-11T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57595
published_at	2026-04-12T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57573
published_at	2026-04-13T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57602
published_at	2026-04-16T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57599
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12360

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1850876
reference_id	1850876
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1850876

fixed_packages

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

aliases CVE-2019-12360

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gfxh-3er7-zyam

url VCID-gt34-muf6-abc7

vulnerability_id VCID-gt34-muf6-abc7

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which could allow the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9865.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9865.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9865

reference_id

reference_type

scores

value	0.0076
scoring_system	epss
scoring_elements	0.73288
published_at	2026-04-01T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73389
published_at	2026-04-18T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73338
published_at	2026-04-13T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73381
published_at	2026-04-16T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73297
published_at	2026-04-02T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73321
published_at	2026-04-04T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73293
published_at	2026-04-07T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73329
published_at	2026-04-08T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73342
published_at	2026-04-09T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73366
published_at	2026-04-11T12:55:00Z

value	0.0076
scoring_system	epss
scoring_elements	0.73346
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9865

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1466435
reference_id	1466435
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1466435

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867477
reference_id	867477
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867477

reference_url	https://security.gentoo.org/glsa/201801-17
reference_id	GLSA-201801-17
reference_type
scores
url	https://security.gentoo.org/glsa/201801-17

reference_url	https://usn.ubuntu.com/4042-1/
reference_id	USN-4042-1
reference_type
scores
url	https://usn.ubuntu.com/4042-1/

fixed_packages

url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-ebyg-yhza-wkaq

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gfxh-3er7-zyam

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kre4-9v6u-3ked

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qmt5-gtpg-vbg2

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-9865

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gt34-muf6-abc7

url VCID-h1ka-xthk-rug9

vulnerability_id VCID-h1ka-xthk-rug9

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14518.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14518.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14518

reference_id

reference_type

scores

value	0.00272
scoring_system	epss
scoring_elements	0.50673
published_at	2026-04-18T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.5064
published_at	2026-04-12T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50625
published_at	2026-04-13T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50667
published_at	2026-04-16T12:55:00Z

value	0.00348
scoring_system	epss
scoring_elements	0.5724
published_at	2026-04-01T12:55:00Z

value	0.00348
scoring_system	epss
scoring_elements	0.57322
published_at	2026-04-02T12:55:00Z

value	0.00348
scoring_system	epss
scoring_elements	0.57345
published_at	2026-04-04T12:55:00Z

value	0.00348
scoring_system	epss
scoring_elements	0.57321
published_at	2026-04-07T12:55:00Z

value	0.00348
scoring_system	epss
scoring_elements	0.57372
published_at	2026-04-08T12:55:00Z

value	0.00348
scoring_system	epss
scoring_elements	0.57374
published_at	2026-04-09T12:55:00Z

value	0.00348
scoring_system	epss
scoring_elements	0.5739
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14518

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=102688
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=102688

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1499163
reference_id	1499163
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1499163

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876082
reference_id	876082
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876082

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url

reference_id

CVE-2017-14518

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9406.json

reference_url	https://usn.ubuntu.com/3440-1/
reference_id	USN-3440-1
reference_type
scores
url	https://usn.ubuntu.com/3440-1/

fixed_packages

url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-ebyg-yhza-wkaq

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gfxh-3er7-zyam

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kre4-9v6u-3ked

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qmt5-gtpg-vbg2

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14518

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h1ka-xthk-rug9

url VCID-jd42-3thk-rqhr

vulnerability_id VCID-jd42-3thk-rqhr

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which could allow the execution of arbitrary code.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9406.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9406

reference_id

reference_type

scores

value	0.01046
scoring_system	epss
scoring_elements	0.77441
published_at	2026-04-01T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77531
published_at	2026-04-18T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77495
published_at	2026-04-13T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77534
published_at	2026-04-16T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77447
published_at	2026-04-02T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77472
published_at	2026-04-04T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77453
published_at	2026-04-07T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77482
published_at	2026-04-08T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77492
published_at	2026-04-09T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77517
published_at	2026-04-11T12:55:00Z

value	0.01046
scoring_system	epss
scoring_elements	0.77498
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:P

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1458701
reference_id	1458701
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1458701

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864010
reference_id	864010
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864010

reference_url	https://security.gentoo.org/glsa/201801-17
reference_id	GLSA-201801-17
reference_type
scores
url	https://security.gentoo.org/glsa/201801-17

reference_url	https://usn.ubuntu.com/3350-1/
reference_id	USN-3350-1
reference_type
scores
url	https://usn.ubuntu.com/3350-1/

fixed_packages

url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-ebyg-yhza-wkaq

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gfxh-3er7-zyam

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kre4-9v6u-3ked

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qmt5-gtpg-vbg2

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-9406

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jd42-3thk-rqhr

url VCID-jw5j-xk5g-v3b1

vulnerability_id VCID-jw5j-xk5g-v3b1

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which could allow a Denial of Service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000456.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000456.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000456

reference_id

reference_type

scores

value	0.00719
scoring_system	epss
scoring_elements	0.72411
published_at	2026-04-07T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72508
published_at	2026-04-18T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72467
published_at	2026-04-12T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72457
published_at	2026-04-13T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72499
published_at	2026-04-16T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72416
published_at	2026-04-02T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72434
published_at	2026-04-04T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72449
published_at	2026-04-08T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72462
published_at	2026-04-09T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72485
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000456

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=103116
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=103116

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00001.html

reference_url	https://www.debian.org/security/2018/dsa-4097
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4097

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1531382
reference_id	1531382
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1531382

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.60.1:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.60.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.60.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2017-1000456

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14976.json

reference_url	https://security.gentoo.org/glsa/201804-03
reference_id	GLSA-201804-03
reference_type
scores
url	https://security.gentoo.org/glsa/201804-03

reference_url	https://usn.ubuntu.com/3517-1/
reference_id	USN-3517-1
reference_type
scores
url	https://usn.ubuntu.com/3517-1/

fixed_packages

url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-ebyg-yhza-wkaq

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gfxh-3er7-zyam

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kre4-9v6u-3ked

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qmt5-gtpg-vbg2

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-1000456

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jw5j-xk5g-v3b1

url VCID-kf69-av43-wffs

vulnerability_id VCID-kf69-av43-wffs

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which could allow a Denial of Service.

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14976.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14976

reference_id

reference_type

scores

value	0.01093
scoring_system	epss
scoring_elements	0.77912
published_at	2026-04-01T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.78004
published_at	2026-04-18T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.7796
published_at	2026-04-09T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.77987
published_at	2026-04-11T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.7797
published_at	2026-04-12T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.77969
published_at	2026-04-13T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.77919
published_at	2026-04-02T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.77946
published_at	2026-04-04T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.77929
published_at	2026-04-07T12:55:00Z

value	0.01093
scoring_system	epss
scoring_elements	0.77956
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14976

reference_url	https://bugzilla.freedesktop.org/show_bug.cgi?id=102724
reference_id
reference_type
scores
url	https://bugzilla.freedesktop.org/show_bug.cgi?id=102724

reference_url	https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf
reference_id
reference_type
scores
url	https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1500345
reference_id	1500345
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1500345

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877954
reference_id	877954
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877954

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2017-14976

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10768.json

reference_url	https://security.gentoo.org/glsa/201804-03
reference_id	GLSA-201804-03
reference_type
scores
url	https://security.gentoo.org/glsa/201804-03

reference_url	https://usn.ubuntu.com/3517-1/
reference_id	USN-3517-1
reference_type
scores
url	https://usn.ubuntu.com/3517-1/

fixed_packages

url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-ebyg-yhza-wkaq

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gfxh-3er7-zyam

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kre4-9v6u-3ked

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qmt5-gtpg-vbg2

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14976

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kf69-av43-wffs

url VCID-kre4-9v6u-3ked

vulnerability_id VCID-kre4-9v6u-3ked

summary poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF

references

reference_url	https://access.redhat.com/errata/RHBA-2019:0327
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHBA-2019:0327

reference_url	https://access.redhat.com/errata/RHSA-2018:3505
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3505

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10768.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10768

reference_id

reference_type

scores

value	0.01853
scoring_system	epss
scoring_elements	0.82945
published_at	2026-04-01T12:55:00Z

value	0.01853
scoring_system	epss
scoring_elements	0.83046
published_at	2026-04-18T12:55:00Z

value	0.01853
scoring_system	epss
scoring_elements	0.83012
published_at	2026-04-12T12:55:00Z

value	0.01853
scoring_system	epss
scoring_elements	0.83008
published_at	2026-04-13T12:55:00Z

value	0.01853
scoring_system	epss
scoring_elements	0.83047
published_at	2026-04-16T12:55:00Z

value	0.01853
scoring_system	epss
scoring_elements	0.82961
published_at	2026-04-02T12:55:00Z

value	0.01853
scoring_system	epss
scoring_elements	0.82974
published_at	2026-04-04T12:55:00Z

value	0.01853
scoring_system	epss
scoring_elements	0.82971
published_at	2026-04-07T12:55:00Z

value	0.01853
scoring_system	epss
scoring_elements	0.82996
published_at	2026-04-08T12:55:00Z

value	0.01853
scoring_system	epss
scoring_elements	0.83003
published_at	2026-04-09T12:55:00Z

value	0.01853
scoring_system	epss
scoring_elements	0.83019
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10768

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=106408
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=106408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10768
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10768

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1576169
reference_id	1576169
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1576169

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler::::::::
reference_id	cpe:2.3:a:freedesktop:poppler::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:::::::*
reference_id	cpe:2.3:a:redhat:ansible_tower:3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-10768

reference_id

CVE-2018-10768

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-10768

reference_url	https://access.redhat.com/errata/RHSA-2018:3140
reference_id	RHSA-2018:3140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3140

reference_url	https://usn.ubuntu.com/3647-1/
reference_id	USN-3647-1
reference_type
scores
url	https://usn.ubuntu.com/3647-1/

fixed_packages

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

aliases CVE-2018-10768

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kre4-9v6u-3ked

url VCID-kwa4-641f-ducs

vulnerability_id VCID-kwa4-641f-ducs

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9776.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9776.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9776

reference_id

reference_type

scores

value	0.01248
scoring_system	epss
scoring_elements	0.79262
published_at	2026-04-01T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79334
published_at	2026-04-18T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79322
published_at	2026-04-12T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.7931
published_at	2026-04-13T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79337
published_at	2026-04-16T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79269
published_at	2026-04-02T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79293
published_at	2026-04-04T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79279
published_at	2026-04-07T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79304
published_at	2026-04-08T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79314
published_at	2026-04-09T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79338
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1466443
reference_id	1466443
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1466443

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865679
reference_id	865679
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865679

reference_url	https://security.archlinux.org/ASA-201706-33
reference_id	ASA-201706-33
reference_type
scores
url	https://security.archlinux.org/ASA-201706-33

reference_url

reference_id

AVG-326

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14519.json

reference_url	https://access.redhat.com/errata/RHSA-2017:2550
reference_id	RHSA-2017:2550
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2550

reference_url	https://access.redhat.com/errata/RHSA-2017:2551
reference_id	RHSA-2017:2551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2551

reference_url	https://usn.ubuntu.com/3440-1/
reference_id	USN-3440-1
reference_type
scores
url	https://usn.ubuntu.com/3440-1/

fixed_packages

url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-ebyg-yhza-wkaq

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gfxh-3er7-zyam

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kre4-9v6u-3ked

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qmt5-gtpg-vbg2

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-9776

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kwa4-641f-ducs

url VCID-mqt3-g77k-xqer

vulnerability_id VCID-mqt3-g77k-xqer

summary security update

references

reference_url

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14519.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14519

reference_id

reference_type

scores

value	0.00123
scoring_system	epss
scoring_elements	0.31461
published_at	2026-04-18T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31485
published_at	2026-04-12T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31448
published_at	2026-04-13T12:55:00Z

value	0.00123
scoring_system	epss
scoring_elements	0.31482
published_at	2026-04-16T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62826
published_at	2026-04-01T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62884
published_at	2026-04-02T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62914
published_at	2026-04-04T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62878
published_at	2026-04-07T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62929
published_at	2026-04-08T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62945
published_at	2026-04-09T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62963
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14519

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=102701
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=102701

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1499165
reference_id	1499165
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1499165

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876086
reference_id	876086
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876086

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url

reference_id

CVE-2017-14519

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8868

reference_url	https://usn.ubuntu.com/3433-1/
reference_id	USN-3433-1
reference_type
scores
url	https://usn.ubuntu.com/3433-1/

fixed_packages

url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-ebyg-yhza-wkaq

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gfxh-3er7-zyam

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kre4-9v6u-3ked

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qmt5-gtpg-vbg2

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

url pkg:deb/debian/poppler@0.71.0-5

purl pkg:deb/debian/poppler@0.71.0-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5

aliases CVE-2017-14519

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mqt3-g77k-xqer

url VCID-qmt5-gtpg-vbg2

vulnerability_id VCID-qmt5-gtpg-vbg2

summary

Multiple vulnerabilities have been found in Poppler, the worst of
    which allows remote attackers to execute arbitrary code.

references

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183107.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183107.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183142.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183142.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-06/msg00077.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-06/msg00077.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2580.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2580.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8868.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8868.json

reference_url

reference_id

reference_type

scores

value	0.01087
scoring_system	epss
scoring_elements	0.77944
published_at	2026-04-18T12:55:00Z

value	0.01087
scoring_system	epss
scoring_elements	0.77908
published_at	2026-04-13T12:55:00Z

value	0.01087
scoring_system	epss
scoring_elements	0.77945
published_at	2026-04-16T12:55:00Z

value	0.01087
scoring_system	epss
scoring_elements	0.77848
published_at	2026-04-01T12:55:00Z

value	0.01087
scoring_system	epss
scoring_elements	0.77855
published_at	2026-04-02T12:55:00Z

value	0.01087
scoring_system	epss
scoring_elements	0.77882
published_at	2026-04-04T12:55:00Z

value	0.01087
scoring_system	epss
scoring_elements	0.77865
published_at	2026-04-07T12:55:00Z

value	0.01087
scoring_system	epss
scoring_elements	0.77892
published_at	2026-04-08T12:55:00Z

value	0.01087
scoring_system	epss
scoring_elements	0.77897
published_at	2026-04-09T12:55:00Z

value	0.01087
scoring_system	epss
scoring_elements	0.77924
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8868

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=93476
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=93476

reference_url	https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433
reference_id
reference_type
scores
url	https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8868
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8868

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://poppler.freedesktop.org/releases.html
reference_id
reference_type
scores
url	https://poppler.freedesktop.org/releases.html

reference_url	http://www.debian.org/security/2016/dsa-3563
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3563

reference_url	http://www.openwall.com/lists/oss-security/2016/04/12/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/04/12/1

reference_url	http://www.securityfocus.com/bid/89324
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/89324

reference_url	http://www.ubuntu.com/usn/USN-2958-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2958-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1326225
reference_id	1326225
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1326225

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822578
reference_id	822578
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822578

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.39.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.39.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.39.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8868

reference_id

CVE-2015-8868

reference_type

scores

value	9.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:C/I:C/A:C

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8868

reference_url	https://security.gentoo.org/glsa/201611-15
reference_id	GLSA-201611-15
reference_type
scores
url	https://security.gentoo.org/glsa/201611-15

reference_url	https://access.redhat.com/errata/RHSA-2016:2580
reference_id	RHSA-2016:2580
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2580

reference_url	https://usn.ubuntu.com/2958-1/
reference_id	USN-2958-1
reference_type
scores
url	https://usn.ubuntu.com/2958-1/

fixed_packages

url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-ebyg-yhza-wkaq

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gfxh-3er7-zyam

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kre4-9v6u-3ked

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qmt5-gtpg-vbg2

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4

url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29b3-s5n9-5fd8

vulnerability	VCID-2ck3-hjtt-hbax

vulnerability	VCID-3kw1-pxdk-27h4

vulnerability	VCID-3u3m-ru9u-buem

vulnerability	VCID-44yv-r4hg-17db

vulnerability	VCID-48ua-ch85-w3cg

vulnerability	VCID-4ucr-xaac-7uc7

vulnerability	VCID-5jej-esjt-uqak

vulnerability	VCID-5py7-z1gg-9fet

vulnerability	VCID-72nw-9jgd-4kdw

vulnerability	VCID-74sz-r8kq-qkd5

vulnerability	VCID-7n47-6efe-eybd

vulnerability	VCID-7p5r-eqxs-tugv

vulnerability	VCID-8t2a-b56v-tqcs

vulnerability	VCID-96jm-1vhy-eyfd

vulnerability	VCID-bc96-6vy6-ryfz

vulnerability	VCID-bvmu-gq2p-jygf

vulnerability	VCID-c4wz-u632-eyeh

vulnerability	VCID-crcj-9bh9-7kb7

vulnerability	VCID-csqv-t3cr-4uap

vulnerability	VCID-cwyp-gapg-yufk

vulnerability	VCID-d5fj-5prg-97f4

vulnerability	VCID-dh3p-2g4s-wke6

vulnerability	VCID-enu8-gjre-fbap

vulnerability	VCID-ervb-318m-tygv

vulnerability	VCID-ervj-1sdg-b3bm

vulnerability	VCID-ex2h-ahg3-s7b9

vulnerability	VCID-gt34-muf6-abc7

vulnerability	VCID-h1ka-xthk-rug9

vulnerability	VCID-h3q1-dbx2-hubv

vulnerability	VCID-hf11-8tk1-5kc4

vulnerability	VCID-hmbq-4c5b-ukd7

vulnerability	VCID-hszt-6bxr-syfe

vulnerability	VCID-jauh-5qga-hucw

vulnerability	VCID-jc37-xtrj-p3cm

vulnerability	VCID-jd42-3thk-rqhr

vulnerability	VCID-jw5j-xk5g-v3b1

vulnerability	VCID-k1uz-1eqt-pbc6

vulnerability	VCID-kf69-av43-wffs

vulnerability	VCID-kwa4-641f-ducs

vulnerability	VCID-mqt3-g77k-xqer

vulnerability	VCID-myjj-5fsv-sybj

vulnerability	VCID-n1sx-y7xc-kqfb

vulnerability	VCID-ncat-8jz5-m7e5

vulnerability	VCID-nqqu-29qr-wfec

vulnerability	VCID-pc5k-98kh-suce

vulnerability	VCID-qdcv-xd8k-8qbu

vulnerability	VCID-qjj9-dejh-vuaq

vulnerability	VCID-qpwe-7kfy-pyb8

vulnerability	VCID-qsy6-em2u-cyd2

vulnerability	VCID-qtb6-gvjp-cqbq

vulnerability	VCID-s3q2-uvnc-wfep

vulnerability	VCID-tfe8-bq62-3ke4

vulnerability	VCID-tt3h-qbbv-zuev

vulnerability	VCID-tu6x-7fgv-1ffu

vulnerability	VCID-tzdq-9gfz-yud5

vulnerability	VCID-wbyn-9mx6-a3gd

vulnerability	VCID-yyzk-7mqj-m7hq

vulnerability	VCID-zgja-p6ey-2kex

vulnerability	VCID-zzy2-1yr8-83cf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2

aliases CVE-2015-8868

risk_score 4.2

exploitability 0.5

weighted_severity 8.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qmt5-gtpg-vbg2

url VCID-qsy6-em2u-cyd2

vulnerability_id VCID-qsy6-em2u-cyd2

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15565.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15565.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15565

reference_id

reference_type

scores

value	0.00617
scoring_system	epss
scoring_elements	0.69878
published_at	2026-04-01T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69994
published_at	2026-04-18T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.6994
published_at	2026-04-13T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69984
published_at	2026-04-16T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.6989
published_at	2026-04-02T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69905
published_at	2026-04-04T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69882
published_at	2026-04-07T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.6993
published_at	2026-04-08T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69946
published_at	2026-04-09T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.6997
published_at	2026-04-11T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69954
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15565

reference_url	https://bugs.freedesktop.org/show_bug.cgi?id=103016
reference_id
reference_type
scores
url	https://bugs.freedesktop.org/show_bug.cgi?id=103016

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html

reference_url	https://www.debian.org/security/2018/dsa-4079
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4079

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1510977
reference_id	1510977
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1510977

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879066
reference_id	879066
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879066

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2017-15565

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url