CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-37052
https://notcve.org/view.php?id=CVE-2022-37052
A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject. Una aserción alcanzable Object::getString en Poppler 22.07.0 permite a los atacantes causar una denegación de servicio debido a un fallo en markObject. • https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278 • CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-38349
https://notcve.org/view.php?id=CVE-2022-38349
An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file. Se ha descubierto un problema en Poppler 22.08.0. Hay una aserción alcanzable en Object.h, provocará una denegación de servicio porque PDFDoc::replacePageDict en PDFDoc.cc carece de una comprobación de flujo antes de guardar un archivo incrustado. • https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28 https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282 • CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36023
https://notcve.org/view.php?id=CVE-2020-36023
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function. • https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013 https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36024 – poppler: NULL pointer dereference in `FoFiType1C::convertToType1`
https://notcve.org/view.php?id=CVE-2020-36024
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function. A flaw was found in the Poppler package. This flaw allows attackers to possibly cause a denial of service via a crafted .pdf file to the FoFiType1C::convertToType1 function. • https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016 https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html https://access.redhat.com/security/cve/CVE-2020-36024 https://bugzilla.redhat.com/show_bug.cgi?id=2231520 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-34872
https://notcve.org/view.php?id=CVE-2023-34872
A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open. • https://gitlab.freedesktop.org/poppler/poppler/-/commit/591235c8b6c65a2eee88991b9ae73490fd9afdfe https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3XXL3L6RJOTLGCN7GLH2OLLNF4FJ4T7I https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ3NYJ43U2MA7COKGMJDARZUAAOP45D4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFBT75QHBWNMSDAHSXZQ2I3PBJWID36K https://lists.fedorapro •