0.74.0

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-05	CVE-2019-10873	NULL Pointer Dereference vulnerability in Freedesktop Poppler 0.74.0 An issue was discovered in Poppler 0.74.0. network low complexity freedesktop CWE-476	6.5
2019-04-05	CVE-2019-10872	Out-of-bounds Read vulnerability in Freedesktop Poppler 0.74.0 An issue was discovered in Poppler 0.74.0. network low complexity freedesktop CWE-125	8.8
2019-04-05	CVE-2019-10871	Out-of-bounds Read vulnerability in Freedesktop Poppler 0.74.0 An issue was discovered in Poppler 0.74.0. network low complexity freedesktop CWE-125	6.5
2019-03-21	CVE-2019-9903	Out-of-bounds Write vulnerability in multiple products PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary. network low complexity freedesktop fedoraproject debian canonical redhat CWE-787	6.5
2019-03-08	CVE-2019-9631	Out-of-bounds Read vulnerability in multiple products Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function. network low complexity freedesktop fedoraproject debian CWE-125 critical	9.8
2019-03-01	CVE-2019-9545	Uncontrolled Recursion vulnerability in Freedesktop Poppler 0.74.0 An issue was discovered in Poppler 0.74.0. network low complexity freedesktop CWE-674	8.8
2019-03-01	CVE-2019-9543	Uncontrolled Recursion vulnerability in Freedesktop Poppler 0.74.0 An issue was discovered in Poppler 0.74.0. network low complexity freedesktop CWE-674	8.8
2019-02-26	CVE-2019-9200	Out-of-bounds Write vulnerability in multiple products A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. network low complexity freedesktop debian canonical CWE-787	8.8