Vulnerabilities > Freedesktop > Poppler > 0.74.0

DATE CVE VULNERABILITY TITLE RISK
2019-04-05 CVE-2019-10873 NULL Pointer Dereference vulnerability in Freedesktop Poppler 0.74.0
An issue was discovered in Poppler 0.74.0.
network
low complexity
freedesktop CWE-476
6.5
2019-04-05 CVE-2019-10872 Out-of-bounds Read vulnerability in Freedesktop Poppler 0.74.0
An issue was discovered in Poppler 0.74.0.
network
low complexity
freedesktop CWE-125
8.8
2019-04-05 CVE-2019-10871 Out-of-bounds Read vulnerability in Freedesktop Poppler 0.74.0
An issue was discovered in Poppler 0.74.0.
network
low complexity
freedesktop CWE-125
6.5
2019-03-21 CVE-2019-9903 Out-of-bounds Write vulnerability in multiple products
PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.
6.5
2019-03-08 CVE-2019-9631 Out-of-bounds Read vulnerability in multiple products
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
network
low complexity
freedesktop fedoraproject debian CWE-125
critical
9.8
2019-03-01 CVE-2019-9545 Uncontrolled Recursion vulnerability in Freedesktop Poppler 0.74.0
An issue was discovered in Poppler 0.74.0.
network
low complexity
freedesktop CWE-674
8.8
2019-03-01 CVE-2019-9543 Uncontrolled Recursion vulnerability in Freedesktop Poppler 0.74.0
An issue was discovered in Poppler 0.74.0.
network
low complexity
freedesktop CWE-674
8.8
2019-02-26 CVE-2019-9200 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary.
network
low complexity
freedesktop debian canonical CWE-787
8.8