poppler

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description PDF rendering library based on xpdf 3.0
Version 0.78.0-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-869 0.73.0-1 0.74.0-1 Low Fixed
AVG-326 0.55.0-3 0.56.0-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2019-7310 AVG-869 Low Yes Denial of service
In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to...
CVE-2017-9776 AVG-326 High Yes Arbitrary code execution
Integer overflow leading to heap overflow in JBIG2Stream.cc.
CVE-2017-9775 AVG-326 Medium Yes Arbitrary code execution
A stack buffer overflow in has been found in GfxState.cc's module of poppler. Due to some restrictions in the lines after the bug, an attacker can't control...

Advisories

Date Advisory Group Severity Description
26 Jun 2017 ASA-201706-33 AVG-326 High arbitrary code execution