What is CVE-2019-9631?

CVE-2019-9631 is a heap-based buffer over-read vulnerability in Poppler 0.74.0.

How can the CVE-2019-9631 vulnerability affect me?

If you are using Poppler 0.74.0 or affected software, an attacker could exploit this vulnerability to cause a denial-of-service condition or possibly execute arbitrary code on your system.

What is the severity of CVE-2019-9631?

CVE-2019-9631 has a severity rating of 9.8 (Critical).

How do I fix CVE-2019-9631?

To fix CVE-2019-9631, update Poppler to version 0.71.0 or later, depending on the operating system you are using. For Debian, the remedy version is 0.71.0-5 or later. For Ubuntu, the remedy versions are 0.62.0-2ubuntu2.9, 0.68.0-0ubuntu1.7, 0.74.0-0ubuntu1.2, or later.

Where can I find more information about CVE-2019-9631?

You can find more information about CVE-2019-9631 at the following references: [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631), [Ubuntu Security Notices](https://ubuntu.com/security/notices/USN-4042-1), [NVD](https://nvd.nist.gov/vuln/detail/CVE-2019-9631).

Vulnerability/
CVE-2019-9631

critical

9.8

CWE

125

8/3/2019

21/11/2024

CVE-2019-9631

First published: Fri Mar 08 2019(Updated: )

Last updated 24 July 2024

Credit: cve@mitre.org cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
debian/poppler		20.09.0-3.1+deb11u1 22.12.0-2 25.01.0-4
Poppler Data	=0.74.0
Fedora	=28
Fedora	=29
Fedora	=30
Debian	=8.0

Remedy

https://gitlab.freedesktop.org/poppler/poppler/issues/736

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2019-9631?
CVE-2019-9631 is a heap-based buffer over-read vulnerability in Poppler 0.74.0.
How can the CVE-2019-9631 vulnerability affect me?
If you are using Poppler 0.74.0 or affected software, an attacker could exploit this vulnerability to cause a denial-of-service condition or possibly execute arbitrary code on your system.
What is the severity of CVE-2019-9631?
CVE-2019-9631 has a severity rating of 9.8 (Critical).
How do I fix CVE-2019-9631?
To fix CVE-2019-9631, update Poppler to version 0.71.0 or later, depending on the operating system you are using. For Debian, the remedy version is 0.71.0-5 or later. For Ubuntu, the remedy versions are 0.62.0-2ubuntu2.9, 0.68.0-0ubuntu1.7, 0.74.0-0ubuntu1.2, or later.
Where can I find more information about CVE-2019-9631?
You can find more information about CVE-2019-9631 at the following references: [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631), [Ubuntu Security Notices](https://ubuntu.com/security/notices/USN-4042-1), [NVD](https://nvd.nist.gov/vuln/detail/CVE-2019-9631).

agent/type
collector/launchpad-cve
source/Launchpad
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2019-9631
agent/weakness
agent/severity
collector/mitre-cve
source/MITRE
collector/usn-cve
source/Ubuntu
agent/remedy
agent/references
agent/description
agent/first-publish-date
agent/author
agent/last-modified-date
agent/event
agent/trending
agent/source
collector/security-tracker-debian
source/Debian
agent/software-canonical-lookup
agent/softwarecombine
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup-request
collector/nvd-cve
collector/nvd-index
package-manager/debian
vendor/freedesktop
canonical/poppler data
version/poppler data/0.74.0
vendor/fedoraproject
canonical/fedora
version/fedora/28
version/fedora/29
version/fedora/30
vendor/debian
canonical/debian
version/debian/8.0