rpm package
almalinux/poppler-glib-doc
pkg:rpm/almalinux/poppler-glib-doc
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-32365 | — | < 21.01.0-23.el9_7 | 21.01.0-23.el9_7 | Apr 5, 2025 | Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check. | ||
| CVE-2024-6239 | — | < 20.11.0-12.el8_10 | 20.11.0-12.el8_10 | Jun 21, 2024 | A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service. | ||
| CVE-2020-36024 | — | < 20.11.0-11.el8 | 20.11.0-11.el8 | Aug 11, 2023 | An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function. |
- CVE-2025-32365Apr 5, 2025affected < 21.01.0-23.el9_7fixed 21.01.0-23.el9_7
Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.
- CVE-2024-6239Jun 21, 2024affected < 20.11.0-12.el8_10fixed 20.11.0-12.el8_10
A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.
- CVE-2020-36024Aug 11, 2023affected < 20.11.0-11.el8fixed 20.11.0-11.el8
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.