poppler (SUSE:Manager Server 4.2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Manager Server 4.2 package poppler, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (11)
CVE-2019-9545 — CVSS 8.8 (high): An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readTextRegion() located in JBIG2Stream.cc, can be…
CVE-2019-16115 — CVSS 7.8 (high): In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by…
CVE-2022-38784 — CVSS 7.8 (high): Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in…
CVE-2020-23804 — CVSS 7.5 (high): Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input.
CVE-2022-27337 — CVSS 6.5 (medium): A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
CVE-2022-37050 — CVSS 6.5 (medium): In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by…
CVE-2020-36023 — CVSS 6.5 (medium): An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf…
CVE-2022-37052 — CVSS 6.5 (medium): A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject.
CVE-2022-38349 — CVSS 6.5 (medium): An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because…
CVE-2022-37051 — CVSS 6.5 (medium): An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in…
CVE-2020-36024 — CVSS 5.5 (medium): An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf…