Freedesktop Poppler
38 CVEs affecting Freedesktop Poppler. Latest disclosed: 2025-10-01. Critical: 0, High: 14.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-15565 | High | 8.8 | 2017-10-17 | In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document. |
CVE-2017-2820 | High | 8.8 | 2017-07-12 | An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF fi… |
CVE-2017-14617 | High | 7.8 | 2017-09-20 | In Poppler 0.59.0, a floating point exception occurs in the ImageStream class in Stream.cc, which may lead to a potential attack when handling malicious PDF fi… |
CVE-2017-14520 | High | 7.8 | 2017-09-17 | In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which may lead to a potential attack when handling malicious PDF… |
CVE-2017-14518 | High | 7.8 | 2017-09-17 | In Poppler 0.59.0, a floating point exception exists in the isImageInterpolationRequired() function in Splash.cc via a crafted PDF document. |
CVE-2017-9776 | High | 7.8 | 2017-06-22 | Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (a… |
CVE-2015-8868 | High | 7.8 | 2016-05-06 | Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of servi… |
CVE-2017-14977 | High | 7.5 | 2017-10-02 | The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table p… |
CVE-2017-14976 | High | 7.5 | 2017-10-02 | The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary… |
CVE-2017-14975 | High | 7.5 | 2017-10-02 | The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initial… |
CVE-2017-14929 | High | 7.5 | 2017-09-30 | In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx… |
CVE-2017-14519 | High | 7.5 | 2017-09-17 | In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx… |
CVE-2017-2818 | High | 7.5 | 2017-07-12 | An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large… |
CVE-2017-2814 | High | 7.5 | 2017-07-12 | An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizin… |
CVE-2017-9775 | Medium | 6.5 | 2017-06-22 | Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafte… |
CVE-2017-9408 | Medium | 6.5 | 2017-06-02 | In Poppler 0.54.0, a memory leak vulnerability was found in the function Object::initArray in Object.cc, which allows attackers to cause a denial of service vi… |
CVE-2017-9406 | Medium | 6.5 | 2017-06-02 | In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows attackers to cause a denial of service via a crafted… |
CVE-2017-9083 | Medium | 6.5 | 2017-05-19 | poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the per… |
CVE-2017-14928 | Medium | 5.5 | 2017-09-30 | In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document. |
CVE-2017-14927 | Medium | 5.5 | 2017-09-30 | In Poppler 0.59.0, a NULL Pointer Dereference exists in the SplashOutputDev::type3D0() function in SplashOutputDev.cc via a crafted PDF document. |