rpm package

suse/poppler-qt5&distro=SUSE Linux Enterprise Module for Package Hub 15 SP5

pkg:rpm/suse/poppler-qt5&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5

Vulnerabilities (3)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-6239	—	< 23.01.0-150500.3.11.1	23.01.0-150500.3.11.1	Jun 21, 2024	A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.
CVE-2024-4141	—	< 23.01.0-150500.3.8.1	23.01.0-150500.3.8.1	Apr 24, 2024	Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.
CVE-2023-34872	—	< 23.01.0-150500.3.5.1	23.01.0-150500.3.5.1	Jul 31, 2023	A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

CVE-2024-6239Jun 21, 2024
affected < 23.01.0-150500.3.11.1fixed 23.01.0-150500.3.11.1
A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.
CVE-2024-4141Apr 24, 2024
affected < 23.01.0-150500.3.8.1fixed 23.01.0-150500.3.8.1
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.
CVE-2023-34872Jul 31, 2023
affected < 23.01.0-150500.3.5.1fixed 23.01.0-150500.3.5.1
A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.