Latest Freedesktop Vulnerabilities

CVE-2020-18839
Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service.
freedesktop poppler=0.75.0
CVE-2022-37050
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandl...
ubuntu/poppler<0.41.0-0ubuntu1.16+
ubuntu/poppler<0.62.0-2ubuntu2.14+
ubuntu/poppler<0.86.1-0ubuntu1.4
ubuntu/poppler<22.02.0-2ubuntu0.3
ubuntu/poppler<22.08.0-2
freedesktop poppler=22.07.0
and 4 more
CVE-2022-38349
An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving a...
freedesktop poppler=22.08.0
=22.08.0
debian/poppler<=0.71.0-5<=0.71.0-5+deb10u3<=20.09.0-3.1+deb11u1
ubuntu/poppler<22.12.0-2
ubuntu/poppler<0.62.0-2ubuntu2.14+
ubuntu/poppler<0.86.1-0ubuntu1.4
and 2 more
CVE-2020-23804
Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input.
ubuntu/poppler<20.09.0-1
ubuntu/poppler<0.62.0-2ubuntu2.14+
ubuntu/poppler<0.86.1-0ubuntu1.4
ubuntu/poppler<0.41.0-0ubuntu1.16+
freedesktop poppler=0.89.0
Debian Debian Linux=10.0
and 3 more
CVE-2022-37051
An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file.
ubuntu/poppler<22.08.0-2
ubuntu/poppler<0.62.0-2ubuntu2.14+
ubuntu/poppler<0.86.1-0ubuntu1.4
ubuntu/poppler<22.02.0-2ubuntu0.3
ubuntu/poppler<0.41.0-0ubuntu1.16+
freedesktop poppler=22.07.0
and 4 more
CVE-2022-37052
A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject.
freedesktop poppler=22.07.0
=22.07.0
debian/poppler<=0.71.0-5<=0.71.0-5+deb10u3<=20.09.0-3.1+deb11u1
ubuntu/poppler<22.08.0-2
ubuntu/poppler<0.62.0-2ubuntu2.14+
ubuntu/poppler<0.86.1-0ubuntu1.4
and 2 more
CVE-2020-36024
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.
ubuntu/poppler<21.01.0
ubuntu/poppler<0.62.0-2ubuntu2.14+
ubuntu/poppler<0.86.1-0ubuntu1.3
ubuntu/poppler<0.41.0-0ubuntu1.16+
freedesktop poppler=20.12.1
=20.12.1
and 1 more
CVE-2020-36023
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.
ubuntu/poppler<21.01.0
ubuntu/poppler<0.62.0-2ubuntu2.14+
ubuntu/poppler<0.86.1-0ubuntu1.3
ubuntu/poppler<0.41.0-0ubuntu1.16+
freedesktop poppler=20.12.1
=20.12.1
and 1 more
CVE-2023-34872
A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.
freedesktop poppler<23.06.0
<23.06.0
ubuntu/poppler<23.06.0
ubuntu/poppler<22.02.0-2ubuntu0.2
ubuntu/poppler<22.12.0-2ubuntu1.1
ubuntu/poppler<22.12.0-2ubuntu2
and 1 more
CVE-2023-34969
An assertion failure in dbus-daemon when a privileged Monitoring connection (dbus-monitor, busctl monitor, gdbus monitor or similar) is active, and a message from the bus driver cannot be delivered to...
Freedesktop Dbus>=1.12.0<1.12.28
Freedesktop Dbus>=1.14.0<1.14.8
Freedesktop Dbus>=1.15.0<1.15.6
Fedoraproject Fedora=38
Debian Debian Linux=10.0
D-bus Project D-bus>=1.12.0<1.12.28
and 8 more
CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An atta...
Freedesktop Xdg-utils>=1.1.0<=1.1.3
CVE-2022-42010
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash...
D-bus Project D-bus<1.12.24
D-bus Project D-bus>=1.13.0<1.14.4
D-bus Project D-bus>=1.15.0<1.15.2
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
and 3 more
CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash...
D-bus Project D-bus<1.12.24
D-bus Project D-bus>=1.13.0<1.14.4
D-bus Project D-bus>=1.15.0<1.15.2
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Freedesktop Dbus<1.12.24
and 3 more
CVE-2022-42012
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash...
D-bus Project D-bus<1.12.24
D-bus Project D-bus>=1.13.0<1.14.4
D-bus Project D-bus>=1.15.0<1.15.2
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
and 3 more
CVE-2022-38784
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image cou...
debian/poppler<=22.08.0-2<=20.09.0-3.1
debian/poppler<=0.71.0-5
freedesktop poppler<=22.08.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Fedoraproject Fedora=35
and 2 more
CVE-2022-38171
Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to ...
Xpdfreader Xpdf=4.04
freedesktop poppler<22.09.0
CVE-2022-31782
ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow.
Freedesktop Freetype Demo Programs<=2.12.1
CVE-2022-1215
A format string vulnerability was found in libinput
Freedesktop Libinput>=1.10.0<1.18.2
Freedesktop Libinput>=1.19.0<1.19.4
Freedesktop Libinput=1.20.0
CVE-2022-27337
A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
=22.03.0
=36
=10.0
=11.0
freedesktop poppler=22.03.0
Fedoraproject Fedora=36
and 5 more
CVE-2021-30860
Apple Multiple Products Integer Overflow Vulnerability
Apple iPadOS<14.8
Apple iPhone OS<12.5.5
Apple iPhone OS>=13.0<14.8
Apple Mac OS X>=10.15<10.15.7
Apple Mac OS X=10.15.7
Apple Mac OS X=10.15.7-security_update_2020
and 16 more
CVE-2021-3185
A flaw was found in the gstreamer parsing code in the function gst_h264_slice_parse_dec_ref_pic_marking. An attacker able to trigger this section of code can cause a buffer overflow possibly overflow...
redhat/gst-plugins-bad<1.18.1
Freedesktop Gst-plugins-bad<1.18.1
CVE-2020-35702
** DISPUTED ** DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppl...
freedesktop poppler=20.12.1
=20.12.1
CVE-2020-35512
A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing...
Freedesktop Dbus=1.12.20
Linux Linux kernel
D-bus Project D-bus=1.12.20
Linux Linux kernel
redhat/dbus<1.10.32
redhat/dbus<1.12.20
and 2 more
CVE-2020-27778
A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' p...
redhat/poppler<0.76.0
freedesktop poppler<0.76.0
Redhat Enterprise Linux=8.0
Debian Debian Linux=10.0
CVE-2020-27748
A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs, xdg-email allows attachments to be discreetly added via the URI when being passed to Thunderbi...
Freedesktop Xdg-utils>=1.1.0
CVE-2020-16127
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled ~/.pam_environment fi...
Freedesktop Accountsservice<0.6.55
CVE-2020-16126
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to Account...
Freedesktop Accountsservice<0.6.55
CVE-2020-12049
An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local...
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
IBM Cloud Pak for Security (CP4S)<=1.7.1.0
IBM Cloud Pak for Security (CP4S)<=1.7.0.0
Freedesktop Dbus>=1.3.0<1.12.18
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
and 11 more
CVE-2012-2142
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.
freedesktop poppler<0.21.4
Xpdfreader Xpdf=3.02
Redhat Enterprise Linux=5.0
Redhat Enterprise Linux=6.0
openSUSE openSUSE=12.2
CVE-2019-20367
nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).
Freedesktop Libbsd<0.10.0
Debian Debian Linux=9.0
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
and 8 more
CVE-2018-21009
Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc.
redhat/poppler<0.76.0
freedesktop poppler<0.76.0
CVE-2019-14494
An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.
freedesktop poppler<=0.78.0
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.04
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Debian Debian Linux=9.0
and 6 more
CVE-2019-9959
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chu...
freedesktop poppler<=0.78.0
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=29
Fedoraproject Fedora=30
and 12 more
CVE-2019-12749
A flaw was discovered in dbus where the implementation of DBUS_COOKIE_SHA1 is susceptible to a symbolic link attack. A malicious client with write access to its own home directory could manipulate a ~...
IBM Security Guardium<=10.5
IBM Security Guardium<=10.6
IBM Security Guardium<=11.0
IBM Security Guardium<=11.1
IBM Security Guardium<=11.2
IBM Security Guardium<=11.3
and 15 more
CVE-2019-12293
An issue was discovered in Poppler 0.76.1. There is a heap-based buffer over-read in the function JPXStream::init in JPEG2000Stream.cc. Upstream issue: <a href="https://gitlab.freedesktop.org/poppler...
freedesktop poppler<=0.76.1
redhat/poppler<0.77.0
ubuntu/poppler<0.62.0-2ubuntu2.9
ubuntu/poppler<0.68.0-0ubuntu1.7
ubuntu/poppler<0.74.0-0ubuntu1.2
ubuntu/poppler<0.41.0-0ubuntu1.14
and 1 more
CVE-2019-11026
FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc.
freedesktop poppler=0.75.0
Fedoraproject Fedora=28
Fedoraproject Fedora=29
Fedoraproject Fedora=30
CVE-2019-10871
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.
freedesktop poppler=0.74.0
CVE-2019-10872
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function Splash::blitTransparent at splash/Splash.cc.
freedesktop poppler=0.74.0
ubuntu/poppler<0.62.0-2ubuntu2.9
ubuntu/poppler<0.68.0-0ubuntu1.7
ubuntu/poppler<0.74.0-0ubuntu1.2
ubuntu/poppler<0.41.0-0ubuntu1.14
debian/poppler
CVE-2019-10873
An issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc.
freedesktop poppler=0.74.0
ubuntu/poppler<0.74.0-0ubuntu1.2
debian/poppler
CVE-2019-9903
PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing...
freedesktop poppler=0.74.0
Fedoraproject Fedora=28
Fedoraproject Fedora=29
Fedoraproject Fedora=30
Debian Debian Linux=10.0
Canonical Ubuntu Linux=16.04
and 19 more
CVE-2019-9631
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
freedesktop poppler=0.74.0
Fedoraproject Fedora=28
Fedoraproject Fedora=29
Fedoraproject Fedora=30
Debian Debian Linux=8.0
ubuntu/poppler<0.62.0-2ubuntu2.9
and 4 more
CVE-2019-9545
An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readTextRegion() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) the pd...
freedesktop poppler=0.74.0
CVE-2019-9543
An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) the...
freedesktop poppler=0.74.0
CVE-2019-9200
A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It all...
freedesktop poppler=0.74.0
Debian Debian Linux=8.0
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=18.10
and 6 more
CVE-2019-7310
In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash)...
ubuntu/poppler<0.41.0-0ubuntu1.12
ubuntu/poppler<0.62.0-2ubuntu2.7
ubuntu/poppler<0.68.0-0ubuntu1.5
ubuntu/poppler<0.24.5-2ubuntu4.16
=0.73.0
=14.04
and 37 more
CVE-2018-20662
A flaw was found in Poppler 0.72.0. The PDFDoc::setup class in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value fr...
freedesktop poppler=0.72.0
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Fedoraproject Fedora=28
Fedoraproject Fedora=29
Fedoraproject Fedora=30
and 23 more
CVE-2018-20650
A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class...
debian/poppler<=0.71.0-5
ubuntu/poppler<0.41.0-0ubuntu1.11
ubuntu/poppler<0.62.0-2ubuntu2.6
ubuntu/poppler<0.68.0-0ubuntu1.4
ubuntu/poppler<0.24.5-2ubuntu4.15
freedesktop poppler=0.72.0
and 21 more
CVE-2018-20551
A flaw was found in Poppler 0.72.0. A reachable Object::getString assertion allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMe...
ubuntu/poppler<0.41.0-0ubuntu1.12
ubuntu/poppler<0.62.0-2ubuntu2.7
ubuntu/poppler<0.68.0-0ubuntu1.5
=0.72.0
=14.04
=16.04
and 8 more
CVE-2018-20481
A flaw was found in Poppler 0.72.0. A NULL pointer dereference in the XRef::getEntry class in XRef.cc file due to the mishandle of unallocated XRef entries. This allows remote attackers to cause a den...
ubuntu/poppler<0.41.0-0ubuntu1.11
ubuntu/poppler<0.62.0-2ubuntu2.6
ubuntu/poppler<0.68.0-0ubuntu1.4
ubuntu/poppler<0.24.5-2ubuntu4.15
=0.72.0
=14.04
and 11 more
CVE-2018-19149
An issue was found in Poppler before 0.70.0. A NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment. References: <a href="https://gitlab...
<0.70.0
=14.04
=16.04
=18.04
=18.10
freedesktop poppler<0.70.0
and 9 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203