Search for packages
| purl | pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-j39n-x8uc-aaah
Aliases: CVE-2024-6239 |
poppler: pdfinfo: crash in broken documents when using -dests parameter |
Affected by 0 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-364a-fvzj-aaah | A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open. |
CVE-2023-34872
|
| VCID-56kz-wxmx-aaad | A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject. |
CVE-2022-37052
|
| VCID-gdcf-fn5r-p7d8 | NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries. |
CVE-2025-43903
|
| VCID-gv7w-nexe-aaac | An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function. |
CVE-2020-36023
|
| VCID-hnnx-bs3x-cyhw | A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN. |
CVE-2025-32364
|
| VCID-j39n-x8uc-aaah | poppler: pdfinfo: crash in broken documents when using -dests parameter |
CVE-2024-6239
|
| VCID-p629-bug3-s3g9 | libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc. |
CVE-2024-56378
|
| VCID-pn21-ccnx-pucg | Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check. |
CVE-2025-32365
|
| VCID-prsk-2cgh-aaaj | In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662. |
CVE-2022-37050
|
| VCID-rb6b-5cta-aaap | An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file. |
CVE-2022-38349
|
| VCID-xr9v-u8sz-aaae | An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function. |
CVE-2020-36024
|
| VCID-y4vn-826d-aaac | An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file. |
CVE-2022-37051
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-22T05:45:40.517499+00:00 | Debian Importer | Fixing | VCID-xr9v-u8sz-aaae | None | 36.1.3 |
| 2025-06-21T19:34:56.593253+00:00 | Debian Importer | Fixing | VCID-pn21-ccnx-pucg | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T16:26:24.988300+00:00 | Debian Importer | Fixing | VCID-prsk-2cgh-aaaj | None | 36.1.3 |
| 2025-06-21T16:06:20.199586+00:00 | Debian Importer | Fixing | VCID-gv7w-nexe-aaac | None | 36.1.3 |
| 2025-06-21T14:07:54.400884+00:00 | Debian Importer | Fixing | VCID-p629-bug3-s3g9 | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T05:05:36.806415+00:00 | Debian Importer | Fixing | VCID-rb6b-5cta-aaap | None | 36.1.3 |
| 2025-06-21T04:44:45.093986+00:00 | Debian Importer | Fixing | VCID-gdcf-fn5r-p7d8 | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T03:20:55.001575+00:00 | Debian Importer | Fixing | VCID-j39n-x8uc-aaah | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-21T03:16:47.646548+00:00 | Debian Importer | Fixing | VCID-56kz-wxmx-aaad | None | 36.1.3 |
| 2025-06-21T02:55:29.515033+00:00 | Debian Importer | Fixing | VCID-hnnx-bs3x-cyhw | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T22:48:52.843985+00:00 | Debian Importer | Fixing | VCID-56kz-wxmx-aaad | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T21:53:02.479171+00:00 | Debian Importer | Fixing | VCID-y4vn-826d-aaac | None | 36.1.3 |
| 2025-06-20T21:46:04.719326+00:00 | Debian Importer | Fixing | VCID-y4vn-826d-aaac | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T21:07:37.692627+00:00 | Debian Importer | Fixing | VCID-gv7w-nexe-aaac | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T20:22:04.970560+00:00 | Debian Importer | Fixing | VCID-prsk-2cgh-aaaj | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T20:10:34.028343+00:00 | Debian Importer | Fixing | VCID-rb6b-5cta-aaap | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-20T19:41:08.907543+00:00 | Debian Importer | Fixing | VCID-xr9v-u8sz-aaae | https://security-tracker.debian.org/tracker/data/json | 36.1.3 |
| 2025-06-05T14:13:47.864074+00:00 | Debian Importer | Fixing | VCID-prsk-2cgh-aaaj | https://security-tracker.debian.org/tracker/data/json | 36.1.0 |
| 2025-06-05T14:09:06.581727+00:00 | Debian Importer | Fixing | VCID-rb6b-5cta-aaap | https://security-tracker.debian.org/tracker/data/json | 36.1.0 |
| 2025-06-05T13:50:16.075407+00:00 | Debian Importer | Fixing | VCID-xr9v-u8sz-aaae | https://security-tracker.debian.org/tracker/data/json | 36.1.0 |
| 2025-06-02T10:43:21.864989+00:00 | Debian Importer | Affected by | VCID-j39n-x8uc-aaah | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-06-01T14:05:20.103708+00:00 | Debian Importer | Fixing | VCID-xr9v-u8sz-aaae | None | 36.0.0 |
| 2025-05-18T20:06:39.228437+00:00 | Debian Importer | Fixing | VCID-y4vn-826d-aaac | None | 36.0.0 |
| 2025-05-17T22:39:12.736614+00:00 | Debian Importer | Fixing | VCID-prsk-2cgh-aaaj | None | 36.0.0 |
| 2025-05-17T22:26:31.099780+00:00 | Debian Importer | Fixing | VCID-gv7w-nexe-aaac | None | 36.0.0 |
| 2025-05-17T20:34:03.379837+00:00 | Debian Importer | Fixing | VCID-rb6b-5cta-aaap | None | 36.0.0 |
| 2025-05-17T19:35:18.235590+00:00 | Debian Importer | Fixing | VCID-rb6b-5cta-aaap | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-17T18:56:07.109547+00:00 | Debian Importer | Fixing | VCID-prsk-2cgh-aaaj | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-17T16:39:19.958205+00:00 | Debian Importer | Fixing | VCID-xr9v-u8sz-aaae | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-17T16:28:53.356815+00:00 | Debian Importer | Fixing | VCID-56kz-wxmx-aaad | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-17T15:52:29.553754+00:00 | Debian Importer | Fixing | VCID-56kz-wxmx-aaad | None | 36.0.0 |
| 2025-05-17T15:46:03.420806+00:00 | Debian Importer | Fixing | VCID-gv7w-nexe-aaac | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-17T14:29:24.827900+00:00 | Debian Importer | Fixing | VCID-y4vn-826d-aaac | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-15T23:43:49.275609+00:00 | Debian Importer | Fixing | VCID-pn21-ccnx-pucg | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-15T21:52:00.717949+00:00 | Debian Importer | Fixing | VCID-p629-bug3-s3g9 | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-15T18:58:58.467608+00:00 | Debian Importer | Fixing | VCID-364a-fvzj-aaah | None | 36.0.0 |
| 2025-05-15T11:48:45.582067+00:00 | Debian Importer | Fixing | VCID-gdcf-fn5r-p7d8 | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-15T10:07:40.220501+00:00 | Debian Importer | Fixing | VCID-j39n-x8uc-aaah | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-15T09:37:44.325609+00:00 | Debian Importer | Fixing | VCID-hnnx-bs3x-cyhw | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |
| 2025-05-15T01:31:51.619486+00:00 | Debian Importer | Fixing | VCID-364a-fvzj-aaah | https://security-tracker.debian.org/tracker/data/json | 36.0.0 |