Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 197 results


CVE-2024-6239

Low priority

Some fixes available 2 of 6

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.

1 affected packages

poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
poppler Fixed Fixed Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-3900

Medium priority
Needs evaluation

Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText.

3 affected packages

ipe, poppler, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipe Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
poppler Not affected Not affected Not affected Not affected Not affected
xpdf Not affected Not affected Not in release Not affected Not affected
Show less packages

CVE-2022-38349

Medium priority
Fixed

An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file.

1 affected packages

poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
poppler Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-37052

Medium priority
Fixed

A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject.

1 affected packages

poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
poppler Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-37051

Medium priority
Fixed

An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file.

1 affected packages

poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
poppler Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-37050

Medium priority
Fixed

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing....

1 affected packages

poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
poppler Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-23804

Medium priority
Fixed

Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input.

1 affected packages

poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
poppler Not affected Fixed Fixed Fixed
Show less packages

CVE-2020-18839

Medium priority
Not affected

Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service.

1 affected packages

poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
poppler Not affected Not affected Not affected Not affected
Show less packages

CVE-2020-36024

Medium priority
Fixed

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.

1 affected packages

poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
poppler Not affected Fixed Fixed Fixed
Show less packages

CVE-2020-36023

Medium priority
Fixed

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.

1 affected packages

poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
poppler Not affected Fixed Fixed Fixed
Show less packages