Known Vulnerabilities for products from Poppler
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Poppler".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2010-3704 | The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other... | 6.8 - MEDIUM | 2010-11-05 | 2019-03-06 |
| CVE-2010-3703 | The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly ot... | 4.3 - MEDIUM | 2010-11-05 | 2011-01-22 |
| CVE-2009-3938 | Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, ... | 6.8 - MEDIUM | 2009-11-13 | 2017-08-17 |
| CVE-2009-3609 | Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as u... | 4.3 - MEDIUM | 2009-10-21 | 2023-02-13 |
| CVE-2009-3608 | Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, ... | 9.3 - HIGH | 2009-10-21 | 2023-02-13 |
| CVE-2009-3607 | Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote atta... | 9.3 - HIGH | 2009-10-21 | 2023-11-07 |
| CVE-2009-3606 | Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KP... | 9.3 - HIGH | 2009-10-21 | 2023-02-13 |
| CVE-2009-3605 | Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application cra... | 6.8 - MEDIUM | 2009-11-02 | 2023-11-07 |
| CVE-2009-3604 | The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraph... | 9.3 - HIGH | 2009-10-21 | 2023-02-13 |
| CVE-2009-3603 | Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow ... | 9.3 - HIGH | 2009-10-21 | 2023-11-07 |
| CVE-2009-1188 | Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x befo... | 5 - MEDIUM | 2009-04-23 | 2023-02-13 |
| CVE-2009-1187 | Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service ... | 5 - MEDIUM | 2009-04-23 | 2023-02-13 |
| CVE-2009-1183 | The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows r... | 4.3 - MEDIUM | 2009-04-23 | 2023-02-13 |
| CVE-2009-1182 | Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6... | 7.5 - HIGH | 2009-04-23 | 2019-03-06 |
| CVE-2009-1181 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remot... | 4.3 - MEDIUM | 2009-04-23 | 2023-02-13 |
| CVE-2009-1180 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remot... | 6.8 - MEDIUM | 2009-04-23 | 2019-03-06 |
| CVE-2009-1179 | Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other p... | 6.8 - MEDIUM | 2009-04-23 | 2023-02-13 |
| CVE-2009-0800 | Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.... | 6.8 - MEDIUM | 2009-04-23 | 2023-02-13 |
| CVE-2009-0799 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remot... | 4.3 - MEDIUM | 2009-04-23 | 2019-03-06 |
| CVE-2009-0756 | The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (cr... | 5 - MEDIUM | 2009-03-03 | 2018-10-10 |