Multiple vulnerabilities has been found and corrected in poppler: poppler before 0.22.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via vectors that trigger an invalid memory access in splash/Splash.cc, poppler/Function.cc, and poppler/Stream.cc . poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function . The updated packages have been patched to correct these issues.