Search for packages
| purl | pkg:deb/debian/poppler@0.26.5-2~bpo70%2B1 |
| Next non-vulnerable version | 25.03.0-11.1 |
| Latest non-vulnerable version | 25.03.0-11.1 |
| Risk | 4.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-29b3-s5n9-5fd8
Aliases: CVE-2018-13988 |
poppler: out of bounds read in pdfunite |
Affected by 24 other vulnerabilities. |
|
VCID-2ck3-hjtt-hbax
Aliases: CVE-2020-27778 |
poppler: pdftohtml: access to uninitialized pointer could lead to DoS |
Affected by 15 other vulnerabilities. |
|
VCID-3kw1-pxdk-27h4
Aliases: CVE-2017-14927 |
poppler: NULL pointer dereference in the SplashOutputDev::type3D0() function |
Affected by 24 other vulnerabilities. |
|
VCID-3u3m-ru9u-buem
Aliases: CVE-2017-9775 |
security update |
Affected by 64 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-44yv-r4hg-17db
Aliases: CVE-2017-14520 |
security update |
Affected by 64 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-48ua-ch85-w3cg
Aliases: CVE-2022-38349 |
poppler: Reachable assertion in Object.h |
Affected by 6 other vulnerabilities. |
|
VCID-4ucr-xaac-7uc7
Aliases: CVE-2025-32364 |
poppler: Floating-Point Exception in Poppler |
Affected by 6 other vulnerabilities. |
|
VCID-5jej-esjt-uqak
Aliases: CVE-2018-21009 |
poppler: integer overflow in Parser::makeStream in Parser.cc |
Affected by 24 other vulnerabilities. |
|
VCID-5py7-z1gg-9fet
Aliases: CVE-2019-14494 |
poppler: divide-by-zero in function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc |
Affected by 15 other vulnerabilities. |
|
VCID-72nw-9jgd-4kdw
Aliases: CVE-2022-37051 |
poppler: abort in main() in pdfunite.cc |
Affected by 6 other vulnerabilities. |
|
VCID-74sz-r8kq-qkd5
Aliases: CVE-2018-20551 |
poppler: reachable Object::getString assertion in AnnotRichMedia class in Annot.c |
Affected by 24 other vulnerabilities. |
|
VCID-7n47-6efe-eybd
Aliases: CVE-2017-14926 |
poppler: NULL pointer dereference in the AnnotRichMedia::Content::Content |
Affected by 24 other vulnerabilities. |
|
VCID-7p5r-eqxs-tugv
Aliases: CVE-2019-9631 |
poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc |
Affected by 24 other vulnerabilities. |
|
VCID-8t2a-b56v-tqcs
Aliases: CVE-2019-9903 |
poppler: stack consumption in function Dict::find() in Dict.cc |
Affected by 15 other vulnerabilities. |
|
VCID-96jm-1vhy-eyfd
Aliases: CVE-2019-11026 |
poppler: infinite recursion in function FontInfoScanner::scanFonts in FontInfo.cc |
Affected by 15 other vulnerabilities. |
|
VCID-bc96-6vy6-ryfz
Aliases: CVE-2020-36023 |
poppler: Stack-Overflow in `FoFiType1C::cvtGlyph` |
Affected by 6 other vulnerabilities. |
|
VCID-bvmu-gq2p-jygf
Aliases: CVE-2017-7511 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow the execution of arbitrary code. |
Affected by 24 other vulnerabilities. |
|
VCID-c4wz-u632-eyeh
Aliases: CVE-2022-37050 |
poppler: abort in PDFDoc::savePageAs in PDFDoc.c |
Affected by 6 other vulnerabilities. |
|
VCID-crcj-9bh9-7kb7
Aliases: CVE-2019-9959 |
poppler: integer overflow in JPXStream::init function leading to memory consumption |
Affected by 15 other vulnerabilities. |
|
VCID-csqv-t3cr-4uap
Aliases: CVE-2017-14517 |
security update |
Affected by 64 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-cwyp-gapg-yufk
Aliases: CVE-2018-20650 |
poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc |
Affected by 15 other vulnerabilities. |
|
VCID-d5fj-5prg-97f4
Aliases: CVE-2025-32365 |
poppler: Out-of-Bounds Read in Poppler |
Affected by 6 other vulnerabilities. |
|
VCID-dh3p-2g4s-wke6
Aliases: CVE-2019-10872 |
poppler: heap-based buffer over-read in function Splash::blitTransparent in splash/Splash.cc |
Affected by 24 other vulnerabilities. |
|
VCID-ebyg-yhza-wkaq
Aliases: CVE-2019-12493 |
A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data. |
Affected by 60 other vulnerabilities. |
|
VCID-enu8-gjre-fbap
Aliases: CVE-2020-23804 |
poppler: uncontrolled recursion in pdfinfo and pdftops |
Affected by 15 other vulnerabilities. |
|
VCID-ervb-318m-tygv
Aliases: CVE-2017-14975 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow a Denial of Service. |
Affected by 64 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-ervj-1sdg-b3bm
Aliases: CVE-2018-19060 |
poppler: pdfdetach utility does not validate save paths |
Affected by 15 other vulnerabilities. |
|
VCID-ex2h-ahg3-s7b9
Aliases: CVE-2017-14977 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow a Denial of Service. |
Affected by 64 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-gfxh-3er7-zyam
Aliases: CVE-2019-12360 |
xpdf: buffer over-read via crafted PDF document leads to DoS or memory leak |
Affected by 60 other vulnerabilities. |
|
VCID-gt34-muf6-abc7
Aliases: CVE-2017-9865 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow the execution of arbitrary code. |
Affected by 64 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-h1ka-xthk-rug9
Aliases: CVE-2017-14518 |
security update |
Affected by 64 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-h3q1-dbx2-hubv
Aliases: CVE-2022-38784 |
A vulnerability has been discovered in Poppler which could allow for arbitrary code execution. |
Affected by 15 other vulnerabilities. |
|
VCID-hf11-8tk1-5kc4
Aliases: CVE-2017-14929 |
poppler: Memory corruption via Gfx.cc infinite loop |
Affected by 24 other vulnerabilities. |
|
VCID-hmbq-4c5b-ukd7
Aliases: CVE-2018-20481 |
poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc |
Affected by 24 other vulnerabilities. |
|
VCID-hszt-6bxr-syfe
Aliases: CVE-2017-14617 |
poppler: Floating point exception in the ImageStream class |
Affected by 24 other vulnerabilities. |
|
VCID-jauh-5qga-hucw
Aliases: CVE-2017-7515 |
poppler: Stack exhaustion due to infinite recursive call in pdfunite |
Affected by 24 other vulnerabilities. |
|
VCID-jc37-xtrj-p3cm
Aliases: CVE-2018-20662 |
poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc |
Affected by 24 other vulnerabilities. |
|
VCID-jd42-3thk-rqhr
Aliases: CVE-2017-9406 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow the execution of arbitrary code. |
Affected by 64 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-jw5j-xk5g-v3b1
Aliases: CVE-2017-1000456 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow a Denial of Service. |
Affected by 64 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-k1uz-1eqt-pbc6
Aliases: CVE-2020-18839 |
poppler: buffer overflow in HtmlOutputDev::page |
Affected by 15 other vulnerabilities. |
|
VCID-kf69-av43-wffs
Aliases: CVE-2017-14976 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow a Denial of Service. |
Affected by 64 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-kre4-9v6u-3ked
Aliases: CVE-2018-10768 |
poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF |
Affected by 60 other vulnerabilities. |
|
VCID-kwa4-641f-ducs
Aliases: CVE-2017-9776 |
security update |
Affected by 64 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-mqt3-g77k-xqer
Aliases: CVE-2017-14519 |
security update |
Affected by 64 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-myjj-5fsv-sybj
Aliases: CVE-2019-12293 |
poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc |
Affected by 24 other vulnerabilities. |
|
VCID-n1sx-y7xc-kqfb
Aliases: CVE-2020-36024 |
poppler: NULL pointer dereference in `FoFiType1C::convertToType1` |
Affected by 6 other vulnerabilities. |
|
VCID-ncat-8jz5-m7e5
Aliases: CVE-2019-10018 |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case. |
Affected by 24 other vulnerabilities. |
|
VCID-nqqu-29qr-wfec
Aliases: CVE-2022-37052 |
poppler: reachable assertion due to a failure in markObject() |
Affected by 6 other vulnerabilities. |
|
VCID-pc5k-98kh-suce
Aliases: CVE-2017-14928 |
poppler: NULL pointer dereference in the AnnotRichMedia::Configuration::Configuration |
Affected by 24 other vulnerabilities. |
|
VCID-qdcv-xd8k-8qbu
Aliases: CVE-2018-19149 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow a Denial of Service. |
Affected by 24 other vulnerabilities. |
|
VCID-qjj9-dejh-vuaq
Aliases: CVE-2017-18267 |
poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service |
Affected by 24 other vulnerabilities. |
|
VCID-qmt5-gtpg-vbg2
Aliases: CVE-2015-8868 |
Multiple vulnerabilities have been found in Poppler, the worst of which allows remote attackers to execute arbitrary code. |
Affected by 64 other vulnerabilities. Affected by 60 other vulnerabilities. |
|
VCID-qpwe-7kfy-pyb8
Aliases: CVE-2019-7310 |
poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc |
Affected by 24 other vulnerabilities. |
|
VCID-qsy6-em2u-cyd2
Aliases: CVE-2017-15565 |
security update |
Affected by 64 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-qtb6-gvjp-cqbq
Aliases: CVE-2022-27337 |
Multiple vulnerabilities have been discovered in Poppler, the worst of which could lead to execution of arbitrary code. |
Affected by 15 other vulnerabilities. |
|
VCID-s3q2-uvnc-wfep
Aliases: CVE-2019-10871 |
poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc |
Affected by 15 other vulnerabilities. |
|
VCID-tfe8-bq62-3ke4
Aliases: CVE-2024-56378 |
Poppler: out-of-bounds read |
Affected by 6 other vulnerabilities. |
|
VCID-tt3h-qbbv-zuev
Aliases: CVE-2018-18897 |
poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc |
Affected by 15 other vulnerabilities. |
|
VCID-tu6x-7fgv-1ffu
Aliases: CVE-2019-9200 |
poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc |
Affected by 24 other vulnerabilities. |
|
VCID-tzdq-9gfz-yud5
Aliases: CVE-2019-10873 |
poppler: null-pointer dereference in function SplashClip::clipAALine in splash/SplashClip.cc |
Affected by 24 other vulnerabilities. |
|
VCID-wbyn-9mx6-a3gd
Aliases: CVE-2018-19059 |
poppler: out-of-bounds read in EmbFile::save2 in FileSpec.cc |
Affected by 15 other vulnerabilities. |
|
VCID-yyzk-7mqj-m7hq
Aliases: CVE-2018-16646 |
poppler: infinite recursion in Parser::getObj function in Parser.cc |
Affected by 24 other vulnerabilities. |
|
VCID-zgja-p6ey-2kex
Aliases: CVE-2017-9408 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow the execution of arbitrary code. |
Affected by 64 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 24 other vulnerabilities. |
|
VCID-zzy2-1yr8-83cf
Aliases: CVE-2018-19058 |
poppler: reachable abort in Object.h |
Affected by 15 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-21p7-89u3-bydd | Multiple vulnerabilities have been found in Poppler, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. |
CVE-2013-4474
|
| VCID-9hnb-h64u-zkev | In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact. |
CVE-2019-12957
|
| VCID-cf6h-786m-rkds | Multiple vulnerabilities have been found in Poppler, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. |
CVE-2013-4473
|
| VCID-ngzc-42z2-8yae | Multiple vulnerabilities have been found in Poppler, some of which may allow execution of arbitrary code. |
CVE-2012-2142
|