Search for packages
| purl | pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2 |
| Next non-vulnerable version | 25.03.0-11.1 |
| Latest non-vulnerable version | 25.03.0-11.1 |
| Risk | 4.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-29b3-s5n9-5fd8
Aliases: CVE-2018-13988 |
poppler: out of bounds read in pdfunite |
Affected by 24 other vulnerabilities. |
|
VCID-2ck3-hjtt-hbax
Aliases: CVE-2020-27778 |
poppler: pdftohtml: access to uninitialized pointer could lead to DoS |
Affected by 15 other vulnerabilities. |
|
VCID-3kw1-pxdk-27h4
Aliases: CVE-2017-14927 |
poppler: NULL pointer dereference in the SplashOutputDev::type3D0() function |
Affected by 24 other vulnerabilities. |
|
VCID-3u3m-ru9u-buem
Aliases: CVE-2017-9775 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-44yv-r4hg-17db
Aliases: CVE-2017-14520 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-48ua-ch85-w3cg
Aliases: CVE-2022-38349 |
poppler: Reachable assertion in Object.h |
Affected by 6 other vulnerabilities. |
|
VCID-4ucr-xaac-7uc7
Aliases: CVE-2025-32364 |
poppler: Floating-Point Exception in Poppler |
Affected by 6 other vulnerabilities. |
|
VCID-5jej-esjt-uqak
Aliases: CVE-2018-21009 |
poppler: integer overflow in Parser::makeStream in Parser.cc |
Affected by 24 other vulnerabilities. |
|
VCID-5py7-z1gg-9fet
Aliases: CVE-2019-14494 |
poppler: divide-by-zero in function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc |
Affected by 15 other vulnerabilities. |
|
VCID-72nw-9jgd-4kdw
Aliases: CVE-2022-37051 |
poppler: abort in main() in pdfunite.cc |
Affected by 6 other vulnerabilities. |
|
VCID-74sz-r8kq-qkd5
Aliases: CVE-2018-20551 |
poppler: reachable Object::getString assertion in AnnotRichMedia class in Annot.c |
Affected by 24 other vulnerabilities. |
|
VCID-7n47-6efe-eybd
Aliases: CVE-2017-14926 |
poppler: NULL pointer dereference in the AnnotRichMedia::Content::Content |
Affected by 24 other vulnerabilities. |
|
VCID-7p5r-eqxs-tugv
Aliases: CVE-2019-9631 |
poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc |
Affected by 24 other vulnerabilities. |
|
VCID-8t2a-b56v-tqcs
Aliases: CVE-2019-9903 |
poppler: stack consumption in function Dict::find() in Dict.cc |
Affected by 15 other vulnerabilities. |
|
VCID-96jm-1vhy-eyfd
Aliases: CVE-2019-11026 |
poppler: infinite recursion in function FontInfoScanner::scanFonts in FontInfo.cc |
Affected by 15 other vulnerabilities. |
|
VCID-bc96-6vy6-ryfz
Aliases: CVE-2020-36023 |
poppler: Stack-Overflow in `FoFiType1C::cvtGlyph` |
Affected by 6 other vulnerabilities. |
|
VCID-bvmu-gq2p-jygf
Aliases: CVE-2017-7511 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow the execution of arbitrary code. |
Affected by 24 other vulnerabilities. |
|
VCID-c4wz-u632-eyeh
Aliases: CVE-2022-37050 |
poppler: abort in PDFDoc::savePageAs in PDFDoc.c |
Affected by 6 other vulnerabilities. |
|
VCID-crcj-9bh9-7kb7
Aliases: CVE-2019-9959 |
poppler: integer overflow in JPXStream::init function leading to memory consumption |
Affected by 15 other vulnerabilities. |
|
VCID-csqv-t3cr-4uap
Aliases: CVE-2017-14517 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-cwyp-gapg-yufk
Aliases: CVE-2018-20650 |
poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc |
Affected by 15 other vulnerabilities. |
|
VCID-d5fj-5prg-97f4
Aliases: CVE-2025-32365 |
poppler: Out-of-Bounds Read in Poppler |
Affected by 6 other vulnerabilities. |
|
VCID-dh3p-2g4s-wke6
Aliases: CVE-2019-10872 |
poppler: heap-based buffer over-read in function Splash::blitTransparent in splash/Splash.cc |
Affected by 24 other vulnerabilities. |
|
VCID-enu8-gjre-fbap
Aliases: CVE-2020-23804 |
poppler: uncontrolled recursion in pdfinfo and pdftops |
Affected by 15 other vulnerabilities. |
|
VCID-ervb-318m-tygv
Aliases: CVE-2017-14975 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow a Denial of Service. |
Affected by 24 other vulnerabilities. |
|
VCID-ervj-1sdg-b3bm
Aliases: CVE-2018-19060 |
poppler: pdfdetach utility does not validate save paths |
Affected by 15 other vulnerabilities. |
|
VCID-ex2h-ahg3-s7b9
Aliases: CVE-2017-14977 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow a Denial of Service. |
Affected by 24 other vulnerabilities. |
|
VCID-gt34-muf6-abc7
Aliases: CVE-2017-9865 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow the execution of arbitrary code. |
Affected by 24 other vulnerabilities. |
|
VCID-h1ka-xthk-rug9
Aliases: CVE-2017-14518 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-h3q1-dbx2-hubv
Aliases: CVE-2022-38784 |
A vulnerability has been discovered in Poppler which could allow for arbitrary code execution. |
Affected by 15 other vulnerabilities. |
|
VCID-hf11-8tk1-5kc4
Aliases: CVE-2017-14929 |
poppler: Memory corruption via Gfx.cc infinite loop |
Affected by 24 other vulnerabilities. |
|
VCID-hmbq-4c5b-ukd7
Aliases: CVE-2018-20481 |
poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc |
Affected by 24 other vulnerabilities. |
|
VCID-hszt-6bxr-syfe
Aliases: CVE-2017-14617 |
poppler: Floating point exception in the ImageStream class |
Affected by 24 other vulnerabilities. |
|
VCID-jauh-5qga-hucw
Aliases: CVE-2017-7515 |
poppler: Stack exhaustion due to infinite recursive call in pdfunite |
Affected by 24 other vulnerabilities. |
|
VCID-jc37-xtrj-p3cm
Aliases: CVE-2018-20662 |
poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc |
Affected by 24 other vulnerabilities. |
|
VCID-jd42-3thk-rqhr
Aliases: CVE-2017-9406 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow the execution of arbitrary code. |
Affected by 24 other vulnerabilities. |
|
VCID-jw5j-xk5g-v3b1
Aliases: CVE-2017-1000456 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow a Denial of Service. |
Affected by 24 other vulnerabilities. |
|
VCID-k1uz-1eqt-pbc6
Aliases: CVE-2020-18839 |
poppler: buffer overflow in HtmlOutputDev::page |
Affected by 15 other vulnerabilities. |
|
VCID-kf69-av43-wffs
Aliases: CVE-2017-14976 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow a Denial of Service. |
Affected by 24 other vulnerabilities. |
|
VCID-kwa4-641f-ducs
Aliases: CVE-2017-9776 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-mqt3-g77k-xqer
Aliases: CVE-2017-14519 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-myjj-5fsv-sybj
Aliases: CVE-2019-12293 |
poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc |
Affected by 24 other vulnerabilities. |
|
VCID-n1sx-y7xc-kqfb
Aliases: CVE-2020-36024 |
poppler: NULL pointer dereference in `FoFiType1C::convertToType1` |
Affected by 6 other vulnerabilities. |
|
VCID-ncat-8jz5-m7e5
Aliases: CVE-2019-10018 |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case. |
Affected by 24 other vulnerabilities. |
|
VCID-nqqu-29qr-wfec
Aliases: CVE-2022-37052 |
poppler: reachable assertion due to a failure in markObject() |
Affected by 6 other vulnerabilities. |
|
VCID-pc5k-98kh-suce
Aliases: CVE-2017-14928 |
poppler: NULL pointer dereference in the AnnotRichMedia::Configuration::Configuration |
Affected by 24 other vulnerabilities. |
|
VCID-qdcv-xd8k-8qbu
Aliases: CVE-2018-19149 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow a Denial of Service. |
Affected by 24 other vulnerabilities. |
|
VCID-qjj9-dejh-vuaq
Aliases: CVE-2017-18267 |
poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service |
Affected by 24 other vulnerabilities. |
|
VCID-qpwe-7kfy-pyb8
Aliases: CVE-2019-7310 |
poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc |
Affected by 24 other vulnerabilities. |
|
VCID-qsy6-em2u-cyd2
Aliases: CVE-2017-15565 |
security update |
Affected by 24 other vulnerabilities. |
|
VCID-qtb6-gvjp-cqbq
Aliases: CVE-2022-27337 |
Multiple vulnerabilities have been discovered in Poppler, the worst of which could lead to execution of arbitrary code. |
Affected by 15 other vulnerabilities. |
|
VCID-s3q2-uvnc-wfep
Aliases: CVE-2019-10871 |
poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc |
Affected by 15 other vulnerabilities. |
|
VCID-tfe8-bq62-3ke4
Aliases: CVE-2024-56378 |
Poppler: out-of-bounds read |
Affected by 6 other vulnerabilities. |
|
VCID-tt3h-qbbv-zuev
Aliases: CVE-2018-18897 |
poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc |
Affected by 15 other vulnerabilities. |
|
VCID-tu6x-7fgv-1ffu
Aliases: CVE-2019-9200 |
poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc |
Affected by 24 other vulnerabilities. |
|
VCID-tzdq-9gfz-yud5
Aliases: CVE-2019-10873 |
poppler: null-pointer dereference in function SplashClip::clipAALine in splash/SplashClip.cc |
Affected by 24 other vulnerabilities. |
|
VCID-wbyn-9mx6-a3gd
Aliases: CVE-2018-19059 |
poppler: out-of-bounds read in EmbFile::save2 in FileSpec.cc |
Affected by 15 other vulnerabilities. |
|
VCID-yyzk-7mqj-m7hq
Aliases: CVE-2018-16646 |
poppler: infinite recursion in Parser::getObj function in Parser.cc |
Affected by 24 other vulnerabilities. |
|
VCID-zgja-p6ey-2kex
Aliases: CVE-2017-9408 |
Multiple vulnerabilities have been found in Poppler, the worst of which could allow the execution of arbitrary code. |
Affected by 24 other vulnerabilities. |
|
VCID-zzy2-1yr8-83cf
Aliases: CVE-2018-19058 |
poppler: reachable abort in Object.h |
Affected by 15 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-3u3m-ru9u-buem | security update |
CVE-2017-9775
|
| VCID-44yv-r4hg-17db | security update |
CVE-2017-14520
|
| VCID-csqv-t3cr-4uap | security update |
CVE-2017-14517
|
| VCID-ebyg-yhza-wkaq | A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data. |
CVE-2019-12493
|
| VCID-ervb-318m-tygv | Multiple vulnerabilities have been found in Poppler, the worst of which could allow a Denial of Service. |
CVE-2017-14975
|
| VCID-ex2h-ahg3-s7b9 | Multiple vulnerabilities have been found in Poppler, the worst of which could allow a Denial of Service. |
CVE-2017-14977
|
| VCID-gfxh-3er7-zyam | xpdf: buffer over-read via crafted PDF document leads to DoS or memory leak |
CVE-2019-12360
|
| VCID-gt34-muf6-abc7 | Multiple vulnerabilities have been found in Poppler, the worst of which could allow the execution of arbitrary code. |
CVE-2017-9865
|
| VCID-h1ka-xthk-rug9 | security update |
CVE-2017-14518
|
| VCID-jd42-3thk-rqhr | Multiple vulnerabilities have been found in Poppler, the worst of which could allow the execution of arbitrary code. |
CVE-2017-9406
|
| VCID-jw5j-xk5g-v3b1 | Multiple vulnerabilities have been found in Poppler, the worst of which could allow a Denial of Service. |
CVE-2017-1000456
|
| VCID-kf69-av43-wffs | Multiple vulnerabilities have been found in Poppler, the worst of which could allow a Denial of Service. |
CVE-2017-14976
|
| VCID-kre4-9v6u-3ked | poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF |
CVE-2018-10768
|
| VCID-kwa4-641f-ducs | security update |
CVE-2017-9776
|
| VCID-mqt3-g77k-xqer | security update |
CVE-2017-14519
|
| VCID-qmt5-gtpg-vbg2 | Multiple vulnerabilities have been found in Poppler, the worst of which allows remote attackers to execute arbitrary code. |
CVE-2015-8868
|
| VCID-qsy6-em2u-cyd2 | security update |
CVE-2017-15565
|
| VCID-zgja-p6ey-2kex | Multiple vulnerabilities have been found in Poppler, the worst of which could allow the execution of arbitrary code. |
CVE-2017-9408
|