Vulnerabilities > Freedesktop > Poppler > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-21 | CVE-2024-6239 | A flaw was found in the Poppler's Pdfinfo utility. | 7.5 |
| 2023-08-22 | CVE-2020-23804 | Uncontrolled Recursion vulnerability in multiple products Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input. | 7.5 |
| 2022-08-30 | CVE-2022-38784 | Integer Overflow or Wraparound vulnerability in multiple products Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). | 7.8 |
| 2022-08-22 | CVE-2022-38171 | Integer Overflow or Wraparound vulnerability in multiple products Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). | 7.8 |
| 2021-08-24 | CVE-2021-30860 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow was addressed with improved input validation. | 7.8 |
| 2020-12-25 | CVE-2020-35702 | Out-of-bounds Write vulnerability in Freedesktop Poppler 20.12.1 DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. | 7.8 |
| 2020-12-03 | CVE-2020-27778 | Access of Uninitialized Pointer vulnerability in multiple products A flaw was found in Poppler in the way certain PDF files were converted into HTML. | 7.5 |
| 2020-01-09 | CVE-2012-2142 | The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator. | 7.8 |
| 2019-11-13 | CVE-2010-4654 | Injection vulnerability in multiple products poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack. | 7.8 |
| 2019-09-05 | CVE-2018-21009 | Integer Overflow or Wraparound vulnerability in Freedesktop Poppler Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc. | 8.8 |