Known Vulnerabilities for Poppler by Freedesktop
Listed below are 10 of the newest known vulnerabilities associated with "Poppler" by "Freedesktop".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-30860 | An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, i... | 7.8 - HIGH | 2021-08-24 | 2024-02-02 |
| CVE-2020-36024 | An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) vi... | 5.5 - MEDIUM | 2023-08-11 | 2023-08-17 |
| CVE-2020-36023 | An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) vi... | 6.5 - MEDIUM | 2023-08-11 | 2023-09-27 |
| CVE-2020-35702 | ** DISPUTED ** DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF docu... | 7.8 - HIGH | 2020-12-25 | 2023-11-07 |
| CVE-2020-27778 | A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw ... | 7.5 - HIGH | 2020-12-03 | 2022-09-28 |
| CVE-2020-23804 | Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via cra... | 7.5 - HIGH | 2023-08-22 | 2023-12-08 |
| CVE-2020-18839 | Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service. | 6.5 - MEDIUM | 2023-08-22 | 2023-08-25 |
| CVE-2019-9543 | An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap() located in JBIG2Str... | 8.8 - HIGH | 2019-03-01 | 2021-07-21 |
| CVE-2019-9200 | A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example)... | 8.8 - HIGH | 2019-02-26 | 2023-11-07 |
| CVE-2019-7310 | In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.c... | 7.8 - HIGH | 2019-02-03 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Freedesktop | Poppler | 20.12.1 | All | All | All |
| Application | Freedesktop | Poppler | 20.12.0 | All | All | All |
| Application | Freedesktop | Poppler | 20.11.0 | All | All | All |
| Application | Freedesktop | Poppler | 20.10.0 | All | All | All |
| Application | Freedesktop | Poppler | 20.09.0 | All | All | All |
| Application | Freedesktop | Poppler | 20.08.0 | All | All | All |
| Application | Freedesktop | Poppler | 0.90.1 | All | All | All |
| Application | Freedesktop | Poppler | 0.90.0 | All | All | All |
| Application | Freedesktop | Poppler | 0.9.3 | All | All | All |
| Application | Freedesktop | Poppler | 0.9.2 | All | All | All |
| Application | Freedesktop | Poppler | 0.9.1 | All | All | All |
| Application | Freedesktop | Poppler | 0.9.0 | All | All | All |
| Application | Freedesktop | Poppler | 0.89.0 | All | All | All |
| Application | Freedesktop | Poppler | 0.88.0 | All | All | All |
| Application | Freedesktop | Poppler | 0.87.0 | All | All | All |
| Application | Freedesktop | Poppler | 0.86.1 | All | All | All |
| Application | Freedesktop | Poppler | 0.86.0 | All | All | All |
| Application | Freedesktop | Poppler | 0.85.0 | All | All | All |
| Application | Freedesktop | Poppler | 0.84.0 | All | All | All |
| Application | Freedesktop | Poppler | 0.83.0 | All | All | All |