Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/poppler@0.71.0-4?distro=trixie

Type deb

Namespace debian

Name poppler

Version 0.71.0-4

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 0.71.0-5

Latest_non_vulnerable_version 25.03.0-11.1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-74sz-r8kq-qkd5

vulnerability_id VCID-74sz-r8kq-qkd5

summary poppler: reachable Object::getString assertion in AnnotRichMedia class in Annot.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20551.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20551.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20551

reference_id

reference_type

scores

value	0.00309
scoring_system	epss
scoring_elements	0.54012
published_at	2026-04-01T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54117
published_at	2026-04-21T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54094
published_at	2026-04-13T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54133
published_at	2026-04-16T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54137
published_at	2026-04-18T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.5403
published_at	2026-04-02T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54056
published_at	2026-04-04T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54033
published_at	2026-04-07T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54085
published_at	2026-04-08T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54083
published_at	2026-04-09T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54129
published_at	2026-04-11T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54111
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20551

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20551
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20551

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/703
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/703

reference_url	https://gitlab.freedesktop.org/poppler/poppler/merge_requests/146
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/merge_requests/146

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1665259
reference_id	1665259
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1665259

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917525
reference_id	917525
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917525

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-20551

reference_id

CVE-2018-20551

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-20551

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://usn.ubuntu.com/3886-1/
reference_id	USN-3886-1
reference_type
scores
url	https://usn.ubuntu.com/3886-1/

fixed_packages

url	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
purl	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-yy6j-1h5z-wbgp

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
purl	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-11.1%3Fdistro=trixie

aliases CVE-2018-20551

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-74sz-r8kq-qkd5

url VCID-7p5r-eqxs-tugv

vulnerability_id VCID-7p5r-eqxs-tugv

summary poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9631

reference_id

reference_type

scores

value	0.02178
scoring_system	epss
scoring_elements	0.84271
published_at	2026-04-01T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84364
published_at	2026-04-21T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84338
published_at	2026-04-13T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.8436
published_at	2026-04-16T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84361
published_at	2026-04-18T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84284
published_at	2026-04-02T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84303
published_at	2026-04-04T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84304
published_at	2026-04-07T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84326
published_at	2026-04-08T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84331
published_at	2026-04-09T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84349
published_at	2026-04-11T12:55:00Z

value	0.02178
scoring_system	epss
scoring_elements	0.84342
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9631

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/736
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/736

reference_url	https://lists.debian.org/debian-lts-announce/2019/04/msg00011.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/04/msg00011.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1686802
reference_id	1686802
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1686802

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673
reference_id	926673
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9631

reference_id

CVE-2019-9631

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9631

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://usn.ubuntu.com/4042-1/
reference_id	USN-4042-1
reference_type
scores
url	https://usn.ubuntu.com/4042-1/

fixed_packages

url	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
purl	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-yy6j-1h5z-wbgp

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
purl	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-11.1%3Fdistro=trixie

aliases CVE-2019-9631

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7p5r-eqxs-tugv

url VCID-hmbq-4c5b-ukd7

vulnerability_id VCID-hmbq-4c5b-ukd7

summary poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20481

reference_id

reference_type

scores

value	0.0119
scoring_system	epss
scoring_elements	0.78778
published_at	2026-04-01T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.7885
published_at	2026-04-21T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78828
published_at	2026-04-13T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78856
published_at	2026-04-16T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78853
published_at	2026-04-18T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78785
published_at	2026-04-02T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78816
published_at	2026-04-04T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78799
published_at	2026-04-07T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78825
published_at	2026-04-08T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78831
published_at	2026-04-09T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78854
published_at	2026-04-11T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78837
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20481

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/692
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/692

reference_url	https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143

reference_url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html

reference_url	http://www.securityfocus.com/bid/106321
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106321

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1665266
reference_id	1665266
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1665266

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325
reference_id	917325
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-20481

reference_id

CVE-2018-20481

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-20481

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://usn.ubuntu.com/3865-1/
reference_id	USN-3865-1
reference_type
scores
url	https://usn.ubuntu.com/3865-1/

fixed_packages

url	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
purl	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-yy6j-1h5z-wbgp

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
purl	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-11.1%3Fdistro=trixie

aliases CVE-2018-20481

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hmbq-4c5b-ukd7

url VCID-jc37-xtrj-p3cm

vulnerability_id VCID-jc37-xtrj-p3cm

summary poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20662

reference_id

reference_type

scores

value	0.0059
scoring_system	epss
scoring_elements	0.69132
published_at	2026-04-01T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.69224
published_at	2026-04-21T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.69198
published_at	2026-04-13T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.69237
published_at	2026-04-16T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.69245
published_at	2026-04-18T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.69148
published_at	2026-04-02T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.69169
published_at	2026-04-04T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.6915
published_at	2026-04-07T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.692
published_at	2026-04-08T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.69218
published_at	2026-04-09T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.6924
published_at	2026-04-11T12:55:00Z

value	0.0059
scoring_system	epss
scoring_elements	0.69226
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20662

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/commit/9fd5ec0e6e5f763b190f2a55ceb5427cfe851d5f
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/commit/9fd5ec0e6e5f763b190f2a55ceb5427cfe851d5f

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/706
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/706

reference_url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1665273
reference_id	1665273
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1665273

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158
reference_id	918158
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-20662

reference_id

CVE-2018-20662

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-20662

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://usn.ubuntu.com/4042-1/
reference_id	USN-4042-1
reference_type
scores
url	https://usn.ubuntu.com/4042-1/

fixed_packages

url	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
purl	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-yy6j-1h5z-wbgp

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
purl	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-11.1%3Fdistro=trixie

aliases CVE-2018-20662

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jc37-xtrj-p3cm

url VCID-qpwe-7kfy-pyb8

vulnerability_id VCID-qpwe-7kfy-pyb8

summary poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-7310

reference_id

reference_type

scores

value	0.003
scoring_system	epss
scoring_elements	0.5322
published_at	2026-04-01T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53324
published_at	2026-04-21T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53318
published_at	2026-04-12T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53301
published_at	2026-04-13T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53339
published_at	2026-04-16T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53344
published_at	2026-04-18T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53244
published_at	2026-04-02T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53269
published_at	2026-04-04T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53236
published_at	2026-04-07T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53289
published_at	2026-04-08T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53283
published_at	2026-04-09T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53333
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-7310

reference_url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797
reference_id
reference_type
scores
url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/717
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/717

reference_url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/

reference_url	http://www.securityfocus.com/bid/106829
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106829

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1672419
reference_id	1672419
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1672419

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215
reference_id	921215
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215

reference_url

https://security.archlinux.org/AVG-869

reference_id

AVG-869

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-869

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.73.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.73.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.73.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-7310

reference_id

CVE-2019-7310

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-7310

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://usn.ubuntu.com/3886-1/
reference_id	USN-3886-1
reference_type
scores
url	https://usn.ubuntu.com/3886-1/

fixed_packages

url	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
purl	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-yy6j-1h5z-wbgp

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
purl	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-11.1%3Fdistro=trixie

aliases CVE-2019-7310

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qpwe-7kfy-pyb8

url VCID-tu6x-7fgv-1ffu

vulnerability_id VCID-tu6x-7fgv-1ffu

summary poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9200

reference_id

reference_type

scores

value	0.05298
scoring_system	epss
scoring_elements	0.89978
published_at	2026-04-01T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.90035
published_at	2026-04-21T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.90027
published_at	2026-04-12T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.90021
published_at	2026-04-13T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.90037
published_at	2026-04-18T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.8998
published_at	2026-04-02T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.89993
published_at	2026-04-04T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.89998
published_at	2026-04-07T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.90014
published_at	2026-04-08T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.90019
published_at	2026-04-09T12:55:00Z

value	0.05298
scoring_system	epss
scoring_elements	0.90029
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9200

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/728
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/728

reference_url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/

reference_url	https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/
reference_id
reference_type
scores
url	https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/

reference_url	http://www.securityfocus.com/bid/107172
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107172

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1683632
reference_id	1683632
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1683632

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414
reference_id	923414
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9200

reference_id

CVE-2019-9200

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9200

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://access.redhat.com/errata/RHSA-2019:2713
reference_id	RHSA-2019:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2713

reference_url	https://usn.ubuntu.com/3905-1/
reference_id	USN-3905-1
reference_type
scores
url	https://usn.ubuntu.com/3905-1/

reference_url	https://usn.ubuntu.com/4042-1/
reference_id	USN-4042-1
reference_type
scores
url	https://usn.ubuntu.com/4042-1/

fixed_packages

url	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
purl	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-yy6j-1h5z-wbgp

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
purl	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-11.1%3Fdistro=trixie

aliases CVE-2019-9200

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tu6x-7fgv-1ffu

url VCID-tzdq-9gfz-yud5

vulnerability_id VCID-tzdq-9gfz-yud5

summary poppler: null-pointer dereference in function SplashClip::clipAALine in splash/SplashClip.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10873.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10873.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10873

reference_id

reference_type

scores

value	0.00905
scoring_system	epss
scoring_elements	0.75676
published_at	2026-04-01T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75759
published_at	2026-04-21T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75733
published_at	2026-04-13T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.7577
published_at	2026-04-16T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75773
published_at	2026-04-18T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75679
published_at	2026-04-02T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.7571
published_at	2026-04-04T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75689
published_at	2026-04-07T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75723
published_at	2026-04-08T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75734
published_at	2026-04-09T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75758
published_at	2026-04-11T12:55:00Z

value	0.00905
scoring_system	epss
scoring_elements	0.75739
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10873

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10873

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.freedesktop.org/poppler/poppler/issues/748
reference_id
reference_type
scores
url	https://gitlab.freedesktop.org/poppler/poppler/issues/748

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/

reference_url	http://www.securityfocus.com/bid/107862
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107862

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1696637
reference_id	1696637
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1696637

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926532
reference_id	926532
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926532

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_id	cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10873

reference_id

CVE-2019-10873

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10873

reference_url	https://usn.ubuntu.com/4042-1/
reference_id	USN-4042-1
reference_type
scores
url	https://usn.ubuntu.com/4042-1/

fixed_packages

url	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
purl	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-yy6j-1h5z-wbgp

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
purl	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-11.1%3Fdistro=trixie

aliases CVE-2019-10873

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tzdq-9gfz-yud5

url VCID-yyzk-7mqj-m7hq

vulnerability_id VCID-yyzk-7mqj-m7hq

summary poppler: infinite recursion in Parser::getObj function in Parser.cc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16646

reference_id

reference_type

scores

value	0.00681
scoring_system	epss
scoring_elements	0.71552
published_at	2026-04-01T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71559
published_at	2026-04-02T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71577
published_at	2026-04-04T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.7155
published_at	2026-04-07T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.7159
published_at	2026-04-08T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.716
published_at	2026-04-09T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71624
published_at	2026-04-11T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71608
published_at	2026-04-12T12:55:00Z

value	0.02049
scoring_system	epss
scoring_elements	0.83896
published_at	2026-04-18T12:55:00Z

value	0.02049
scoring_system	epss
scoring_elements	0.83862
published_at	2026-04-13T12:55:00Z

value	0.02049
scoring_system	epss
scoring_elements	0.83895
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16646

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1626618
reference_id	1626618
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1626618

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802
reference_id	909802
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802

reference_url	https://access.redhat.com/errata/RHSA-2019:2022
reference_id	RHSA-2019:2022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2022

reference_url	https://usn.ubuntu.com/3837-1/
reference_id	USN-3837-1
reference_type
scores
url	https://usn.ubuntu.com/3837-1/

reference_url	https://usn.ubuntu.com/3837-2/
reference_id	USN-3837-2
reference_type
scores
url	https://usn.ubuntu.com/3837-2/

fixed_packages

url	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
purl	pkg:deb/debian/poppler@0.71.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-48d5-zxmm-r3g4

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-anb3-1s96-wbaq

vulnerability	VCID-ygrf-gq35-fkfd

vulnerability	VCID-yy6j-1h5z-wbgp

vulnerability	VCID-yyxy-juya-a3f1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a8zz-dfdm-1uf7

vulnerability	VCID-yy6j-1h5z-wbgp

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
purl	pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-11.1%3Fdistro=trixie

aliases CVE-2018-16646

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yyzk-7mqj-m7hq

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie

Package Instance