Poppler
Source repositories
CVEs (107)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-52886 | 0.00 | — | 0.00 | Jul 2, 2025 | Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue. | |||
| CVE-2025-43903 | 0.00 | — | 0.00 | Apr 18, 2025 | NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries. | |||
| CVE-2025-32364 | 0.00 | — | 0.00 | Apr 5, 2025 | A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN. | |||
| CVE-2025-32365 | 0.00 | — | 0.00 | Apr 5, 2025 | Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check. | |||
| CVE-2024-56378 | 0.00 | — | 0.01 | Dec 22, 2024 | libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc. | |||
| CVE-2024-6239 | 0.00 | — | 0.01 | Jun 21, 2024 | A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service. | |||
| CVE-2022-37052 | 0.00 | — | 0.01 | Aug 22, 2023 | A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject. | |||
| CVE-2022-37050 | 0.00 | — | 0.01 | Aug 22, 2023 | In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the… | |||
| CVE-2020-18839 | 0.00 | — | 0.01 | Aug 22, 2023 | Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service. | |||
| CVE-2022-37051 | 0.00 | — | 0.01 | Aug 22, 2023 | An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file. | |||
| CVE-2020-23804 | 0.00 | — | 0.01 | Aug 22, 2023 | Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input. | |||
| CVE-2022-38349 | 0.00 | — | 0.01 | Aug 22, 2023 | An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file. | |||
| CVE-2023-34872 | 0.00 | — | 0.01 | Jul 31, 2023 | A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open. | |||
| CVE-2022-38784 | 0.00 | — | 0.01 | Aug 30, 2022 | Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the… | |||
| CVE-2022-27337 | 0.00 | — | 0.02 | May 5, 2022 | A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | |||
| CVE-2020-35702 | 0.00 | — | 0.01 | Dec 25, 2020 | DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones in late December 2020, not the 20.12.1 release. In this situation, it should NOT… | |||
| CVE-2012-2142 | 0.00 | — | 0.03 | Jan 9, 2020 | The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator. | |||
| CVE-2010-4654 | 0.00 | — | 0.01 | Nov 13, 2019 | poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack. | |||
| CVE-2010-4653 | 0.00 | — | 0.02 | Nov 13, 2019 | An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts. | |||
| CVE-2010-0207 | 0.00 | — | 0.01 | Oct 30, 2019 | In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers. |
- CVE-2025-52886Jul 2, 2025risk 0.00cvss —epss 0.00
Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue.
- CVE-2025-43903Apr 18, 2025risk 0.00cvss —epss 0.00
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.
- CVE-2025-32364Apr 5, 2025risk 0.00cvss —epss 0.00
A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN.
- CVE-2025-32365Apr 5, 2025risk 0.00cvss —epss 0.00
Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.
- CVE-2024-56378Dec 22, 2024risk 0.00cvss —epss 0.01
libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc.
- CVE-2024-6239Jun 21, 2024risk 0.00cvss —epss 0.01
A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.
- CVE-2022-37052Aug 22, 2023risk 0.00cvss —epss 0.01
A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject.
- CVE-2022-37050Aug 22, 2023risk 0.00cvss —epss 0.01
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the…
- CVE-2020-18839Aug 22, 2023risk 0.00cvss —epss 0.01
Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service.
- CVE-2022-37051Aug 22, 2023risk 0.00cvss —epss 0.01
An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file.
- CVE-2020-23804Aug 22, 2023risk 0.00cvss —epss 0.01
Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input.
- CVE-2022-38349Aug 22, 2023risk 0.00cvss —epss 0.01
An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file.
- CVE-2023-34872Jul 31, 2023risk 0.00cvss —epss 0.01
A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.
- CVE-2022-38784Aug 30, 2022risk 0.00cvss —epss 0.01
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the…
- CVE-2022-27337May 5, 2022risk 0.00cvss —epss 0.02
A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
- CVE-2020-35702Dec 25, 2020risk 0.00cvss —epss 0.01
DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones in late December 2020, not the 20.12.1 release. In this situation, it should NOT…
- CVE-2012-2142Jan 9, 2020risk 0.00cvss —epss 0.03
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.
- CVE-2010-4654Nov 13, 2019risk 0.00cvss —epss 0.01
poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack.
- CVE-2010-4653Nov 13, 2019risk 0.00cvss —epss 0.02
An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.
- CVE-2010-0207Oct 30, 2019risk 0.00cvss —epss 0.01
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.
Page 3 of 6