VYPR

rpm package

almalinux/poppler-qt6-devel

pkg:rpm/almalinux/poppler-qt6-devel

Vulnerabilities (2)

  • CVE-2026-10118HigJun 1, 2026
    affected < 24.02.0-7.el10_2.2fixed 24.02.0-7.el10_2.2

    A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the `tilingPatternFill` function. This overflow leads to an undersized heap memory allocation, al

  • CVE-2025-32365Apr 5, 2025
    affected < 24.02.0-7.el10_1fixed 24.02.0-7.el10_1

    Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.