rpm package
suse/poppler-qt&distro=SUSE Linux Enterprise Server 12 SP4-LTSS
pkg:rpm/suse/poppler-qt&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-38784 | — | | | < 0.43.0-16.22.1 | 0.43.0-16.22.1 | Aug 30, 2022 | Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vu |
| CVE-2019-13283 | — | | | < 0.43.0-16.22.1 | 0.43.0-16.22.1 | Jul 4, 2019 | In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. It can, for example, be triggered by sending a crafted PDF do |