Several security issues were fixed in poppler ...
Synopsis
Moderate: poppler security update
Type/Severity
Security Advisory: Moderate
Topic
An update for poppler is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, wh ...
Synopsis
Moderate: poppler security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
An update for poppler, evince, and okular is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vuln ...
In Poppler 0680, the Parser::getObj() function in Parsercc may cause infinite recursion via a crafted file A remote attacker can leverage this for a DoS attack(CVE-2018-16646)
An issue was discovered in Poppler 0710 There is a memory leak in GfxColorSpace::setDisplayProfile in GfxStatecc, as demonstrated by pdftocairo(CVE-2018-18897)
An i ...
Debian Bug report logs -
#909802
poppler: CVE-2018-16646 denial-of-service via crafted file
Package:
poppler;
Maintainer for poppler is Debian freedesktoporg maintainers <pkg-freedesktop-maintainers@listsaliothdebianorg>;
Reported by: Markus Koschany <apo@debianorg>
Date: Fri, 28 Sep 2018 18:33:02 UTC
Severity: ...
Debian Bug report logs -
#921215
poppler: CVE-2019-7310: Heap buffer overflow in XRef::getEntry due to integer overflow
Package:
src:poppler;
Maintainer for src:poppler is Debian freedesktoporg maintainers <pkg-freedesktop-maintainers@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Dat ...
Debian Bug report logs -
#918158
poppler: CVE-2018-20662
Package:
src:poppler;
Maintainer for src:poppler is Debian freedesktoporg maintainers <pkg-freedesktop-maintainers@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 3 Jan 2019 21:57:01 UTC
Severity: normal
Tags: securi ...
Debian Bug report logs -
#917525
poppler: CVE-2018-20551: reachable abort in AnnotRichMedia::Content::Content at Annotcc:6432
Package:
src:poppler;
Maintainer for src:poppler is Debian freedesktoporg maintainers <pkg-freedesktop-maintainers@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg> ...
Debian Bug report logs -
#926673
poppler: CVE-2019-9631: heap overflow in downsample_row_box_filter
Package:
src:poppler;
Maintainer for src:poppler is Debian freedesktoporg maintainers <pkg-freedesktop-maintainers@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 8 Apr 2019 ...
Debian Bug report logs -
#917325
poppler: CVE-2018-20481
Package:
src:poppler;
Maintainer for src:poppler is Debian freedesktoporg maintainers <pkg-freedesktop-maintainers@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 26 Dec 2018 08:36:02 UTC
Severity: important
Tags: fix ...
Debian Bug report logs -
#926532
poppler: CVE-2019-10873
Package:
src:poppler;
Maintainer for src:poppler is Debian freedesktoporg maintainers <pkg-freedesktop-maintainers@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 6 Apr 2019 15:57:01 UTC
Severity: important
Tags: fix ...
Debian Bug report logs -
#923414
poppler: CVE-2019-9200
Package:
src:poppler;
Maintainer for src:poppler is Debian freedesktoporg maintainers <pkg-freedesktop-maintainers@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 27 Feb 2019 20:30:02 UTC
Severity: important
Tags: fixe ...
XRef::getEntry in XRefcc in Poppler 0720 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRefh is called from Parser::makeStream in Parsercc(CVE-2018-20481)
In Poppler 0680, the Parser::getObj() function in Parse ...
In Poppler 0720, PDFDoc::setup in PDFDoccc allows attackers to cause a denial-of-service (application crash caused by Objecth SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing ...