poppler-qt5 (SUSE:Linux Enterprise Module for Package Hub 15 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Package Hub 15 SP4 package poppler-qt5, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2022-38784 — CVSS 7.8 (high): Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in…
CVE-2022-37050 — CVSS 6.5 (medium): In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by…
CVE-2022-37051 — CVSS 6.5 (medium): An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in…
CVE-2022-27337 — CVSS 6.5 (medium): A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
CVE-2022-38349 — CVSS 6.5 (medium): An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because…
CVE-2022-37052 — CVSS 6.5 (medium): A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject.
CVE-2023-34872 — CVSS 5.5 (medium): A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a…