poppler (SUSE:Linux Enterprise Server 15 SP3-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 15 SP3-LTSS package poppler, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (9)
CVE-2022-38784 — CVSS 7.8 (high): Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in…
CVE-2020-23804 — CVSS 7.5 (high): Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input.
CVE-2022-37051 — CVSS 6.5 (medium): An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in…
CVE-2022-38349 — CVSS 6.5 (medium): An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because…
CVE-2022-37050 — CVSS 6.5 (medium): In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by…
CVE-2025-52885: Poppler ia a library for rendering PDF files, and examining or modifying their structure. A use-after-free (write) vulnerability has been…
CVE-2025-52886 — CVSS 5.9 (medium): Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is…
CVE-2020-36024 — CVSS 5.5 (medium): An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf…
CVE-2025-43718 — CVSS 2.9 (low): Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata (such…