Download
| Alert*
oval:org.secpod.oval:def:57456
poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:2103893 PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary. oval:org.secpod.oval:def:2103901 A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach. oval:org.secpod.oval:def:66760 Poppler is a Portable Document Format rendering library, used by applications such as Evince. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: heap-based buffer over-rea ... oval:org.secpod.oval:def:89045847 This update for poppler fixes the following issues: - CVE-2017-18267: Fixed an infinite recursion that would allow remote attackers to cause a denial of service . - CVE-2018-13988: Added an improper implementation check which otherwise could allow buffer overflows, memory corruption, and denial of s ... oval:org.secpod.oval:def:116220 poppler is a PDF rendering library. oval:org.secpod.oval:def:1601043 XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc.In Poppler 0.68.0, the Parser::getObj function in ... oval:org.secpod.oval:def:116212 poppler is a PDF rendering library. oval:org.secpod.oval:def:1902102 Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function. oval:org.secpod.oval:def:89046318 This update for poppler fixes the following issues: - CVE-2020-27778: Fixed a buffer overflow in pdftohtml . - CVE-2019-14494: Fixed a divide-by-zero error in pdftoppm . - CVE-2019-9959: Fixed an integer overflow in pdftocairo . - CVE-2019-10871: Fixed an invalid memory access in pdftops . - CVE-201 ... oval:org.secpod.oval:def:205288 Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: infinite recursi ... oval:org.secpod.oval:def:1504089 evince [3.28.2-8] - Do not free EvDocumentInfo in ev_window_save_print_settings, - it is freed in EvDocuments destructor - Resolves: #1541358 [3.28.2-7] - Do not store page-scaling for documents with enforced - page-scaling - Resolves: #1541358 [3.28.2-6] - Use PrintScaling preference stored in PDFs ... oval:org.secpod.oval:def:705045 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:503299 Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: infinite recursi ... oval:org.secpod.oval:def:205250 Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: infinite recursi ... oval:org.secpod.oval:def:503336 Poppler is a Portable Document Format rendering library, used by applications such as Evince. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: heap-based buffer over-rea ... oval:org.secpod.oval:def:205317 Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: infinite recursi ... oval:org.secpod.oval:def:1502651 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700243 In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack.An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by p ... oval:org.secpod.oval:def:89051056 This update for poppler fixes the following issues: * CVE-2019-9545: Fixed a potential crash due to uncontrolled recursion in the JBIG parser . * CVE-2019-9631: Fixed an out of bounds read when converting a PDF to an image . * CVE-2022-37052: Fixed a reachable assertion when extracting pages of a PD ... |