ID CVE-2019-9959
Summary The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo.
References
Vulnerable Configurations
  • cpe:2.3:a:freedesktop:poppler:-:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:-:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.5.9:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.5.9:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.5.90:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.5.90:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.5.91:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.5.91:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.8.7:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.8.7:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.10.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.10.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.10.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.10.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.10.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.10.5:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.10.6:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.10.6:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.10.7:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.10.7:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.11.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.11.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.12.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.12.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.13.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.13.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.13.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.13.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.13.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.13.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.13.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.13.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.13.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.14.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.14.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.14.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.14.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.14.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.14.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.14.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.14.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.14.5:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.14.5:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.15.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.15.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.15.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.15.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.15.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.16.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.16.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.16.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.16.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.16.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.16.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.16.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.16.5:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.16.5:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.16.6:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.16.6:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.16.7:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.16.7:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.17.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.17.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.17.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.17.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.17.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.17.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.17.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.17.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.17.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.17.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.18.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.18.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.18.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.18.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.18.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.18.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.18.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.18.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.19.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.19.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.19.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.19.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.19.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.19.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.19.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.19.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.19.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.20.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.20.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.20.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.20.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.20.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.20.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.20.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.20.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.20.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.20.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.20.5:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.20.5:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.21.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.21.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.21.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.21.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.21.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.21.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.21.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.21.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.21.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.21.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.22.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.22.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.22.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.22.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.22.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.22.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.22.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.22.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.22.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.22.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.22.5:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.22.5:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.23.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.23.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.23.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.23.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.23.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.23.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.23.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.23.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.23.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.23.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.24.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.24.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.24.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.24.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.24.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.24.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.24.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.24.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.24.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.24.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.24.5:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.24.5:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.25.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.25.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.25.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.25.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.25.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.25.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.25.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.25.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.26.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.26.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.26.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.26.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.26.2:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.26.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.26.3:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.26.3:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.26.4:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.26.4:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.26.5:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.26.5:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.28.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.28.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.28.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.28.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.29.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.29.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.30.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.30.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.31.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.31.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.32.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.32.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.33.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.33.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.34.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.34.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.35.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.35.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.36.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.36.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.37.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.37.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.38.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.38.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.39.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.39.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.40.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.40.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.41.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.41.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.42.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.42.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.43.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.43.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.44.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.44.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.45.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.45.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.46.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.46.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.47.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.47.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.48.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.48.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.49.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.49.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.50.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.50.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.51.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.51.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.52.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.52.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.53.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.53.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.54.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.54.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.55.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.55.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.56.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.56.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.57.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.57.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.58.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.58.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.60.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.60.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.60.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.60.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.61.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.61.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.61.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.61.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.62.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.62.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.63.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.63.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.64.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.64.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.65.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.65.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.66.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.66.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.67.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.67.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.68.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.68.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.69.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.69.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.70.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.70.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.70.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.70.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.71.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.71.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.75.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.75.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.76:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.76:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.76.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.76.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.76.1:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.76.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.77.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.77.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freedesktop:poppler:0.78.0:*:*:*:*:*:*:*
    cpe:2.3:a:freedesktop:poppler:0.78.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 11-02-2023 - 18:27)
Impact:
Exploitability:
CWE CWE-190
CAPEC
  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
redhat via4
advisories
  • bugzilla
    id 1732340
    title CVE-2019-9959 poppler: integer overflow in JPXStream::init function leading to memory consumption
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 8 is installed
        oval oval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • comment poppler is earlier than 0:0.66.0-11.el8_0.12
            oval oval:com.redhat.rhsa:tst:20192713001
          • comment poppler is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859002
        • AND
          • comment poppler-cpp is earlier than 0:0.66.0-11.el8_0.12
            oval oval:com.redhat.rhsa:tst:20192713003
          • comment poppler-cpp is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20162580004
        • AND
          • comment poppler-cpp-devel is earlier than 0:0.66.0-11.el8_0.12
            oval oval:com.redhat.rhsa:tst:20192713005
          • comment poppler-cpp-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20162580006
        • AND
          • comment poppler-debugsource is earlier than 0:0.66.0-11.el8_0.12
            oval oval:com.redhat.rhsa:tst:20192713007
          • comment poppler-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20192713008
        • AND
          • comment poppler-devel is earlier than 0:0.66.0-11.el8_0.12
            oval oval:com.redhat.rhsa:tst:20192713009
          • comment poppler-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859004
        • AND
          • comment poppler-glib is earlier than 0:0.66.0-11.el8_0.12
            oval oval:com.redhat.rhsa:tst:20192713011
          • comment poppler-glib is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859006
        • AND
          • comment poppler-glib-devel is earlier than 0:0.66.0-11.el8_0.12
            oval oval:com.redhat.rhsa:tst:20192713013
          • comment poppler-glib-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859008
        • AND
          • comment poppler-qt5 is earlier than 0:0.66.0-11.el8_0.12
            oval oval:com.redhat.rhsa:tst:20192713015
          • comment poppler-qt5 is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20192713016
        • AND
          • comment poppler-qt5-devel is earlier than 0:0.66.0-11.el8_0.12
            oval oval:com.redhat.rhsa:tst:20192713017
          • comment poppler-qt5-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20192713018
        • AND
          • comment poppler-utils is earlier than 0:0.66.0-11.el8_0.12
            oval oval:com.redhat.rhsa:tst:20192713019
          • comment poppler-utils is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859018
    rhsa
    id RHSA-2019:2713
    released 2019-09-12
    severity Moderate
    title RHSA-2019:2713: poppler security update (Moderate)
  • bugzilla
    id 1753850
    title CVE-2018-21009 poppler: integer overflow in Parser::makeStream in Parser.cc
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment evince is earlier than 0:3.28.2-9.el7
            oval oval:com.redhat.rhsa:tst:20201074001
          • comment evince is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110009002
        • AND
          • comment evince-browser-plugin is earlier than 0:3.28.2-9.el7
            oval oval:com.redhat.rhsa:tst:20201074003
          • comment evince-browser-plugin is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20172388004
        • AND
          • comment evince-devel is earlier than 0:3.28.2-9.el7
            oval oval:com.redhat.rhsa:tst:20201074005
          • comment evince-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110009004
        • AND
          • comment evince-dvi is earlier than 0:3.28.2-9.el7
            oval oval:com.redhat.rhsa:tst:20201074007
          • comment evince-dvi is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110009006
        • AND
          • comment evince-libs is earlier than 0:3.28.2-9.el7
            oval oval:com.redhat.rhsa:tst:20201074009
          • comment evince-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110009008
        • AND
          • comment evince-nautilus is earlier than 0:3.28.2-9.el7
            oval oval:com.redhat.rhsa:tst:20201074011
          • comment evince-nautilus is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20172388012
        • AND
          • comment poppler is earlier than 0:0.26.5-42.el7
            oval oval:com.redhat.rhsa:tst:20201074013
          • comment poppler is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859002
        • AND
          • comment poppler-cpp is earlier than 0:0.26.5-42.el7
            oval oval:com.redhat.rhsa:tst:20201074015
          • comment poppler-cpp is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20162580004
        • AND
          • comment poppler-cpp-devel is earlier than 0:0.26.5-42.el7
            oval oval:com.redhat.rhsa:tst:20201074017
          • comment poppler-cpp-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20162580006
        • AND
          • comment poppler-demos is earlier than 0:0.26.5-42.el7
            oval oval:com.redhat.rhsa:tst:20201074019
          • comment poppler-demos is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20162580008
        • AND
          • comment poppler-devel is earlier than 0:0.26.5-42.el7
            oval oval:com.redhat.rhsa:tst:20201074021
          • comment poppler-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859004
        • AND
          • comment poppler-glib is earlier than 0:0.26.5-42.el7
            oval oval:com.redhat.rhsa:tst:20201074023
          • comment poppler-glib is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859006
        • AND
          • comment poppler-glib-devel is earlier than 0:0.26.5-42.el7
            oval oval:com.redhat.rhsa:tst:20201074025
          • comment poppler-glib-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859008
        • AND
          • comment poppler-qt is earlier than 0:0.26.5-42.el7
            oval oval:com.redhat.rhsa:tst:20201074027
          • comment poppler-qt is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859010
        • AND
          • comment poppler-qt-devel is earlier than 0:0.26.5-42.el7
            oval oval:com.redhat.rhsa:tst:20201074029
          • comment poppler-qt-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859012
        • AND
          • comment poppler-utils is earlier than 0:0.26.5-42.el7
            oval oval:com.redhat.rhsa:tst:20201074031
          • comment poppler-utils is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100859018
    rhsa
    id RHSA-2020:1074
    released 2020-03-31
    severity Moderate
    title RHSA-2020:1074: poppler and evince security update (Moderate)
rpms
  • poppler-0:0.66.0-11.el8_0.12
  • poppler-cpp-0:0.66.0-11.el8_0.12
  • poppler-cpp-debuginfo-0:0.66.0-11.el8_0.12
  • poppler-cpp-devel-0:0.66.0-11.el8_0.12
  • poppler-debuginfo-0:0.66.0-11.el8_0.12
  • poppler-debugsource-0:0.66.0-11.el8_0.12
  • poppler-devel-0:0.66.0-11.el8_0.12
  • poppler-glib-0:0.66.0-11.el8_0.12
  • poppler-glib-debuginfo-0:0.66.0-11.el8_0.12
  • poppler-glib-devel-0:0.66.0-11.el8_0.12
  • poppler-qt5-0:0.66.0-11.el8_0.12
  • poppler-qt5-debuginfo-0:0.66.0-11.el8_0.12
  • poppler-qt5-devel-0:0.66.0-11.el8_0.12
  • poppler-utils-0:0.66.0-11.el8_0.12
  • poppler-utils-debuginfo-0:0.66.0-11.el8_0.12
  • evince-0:3.28.2-9.el7
  • evince-browser-plugin-0:3.28.2-9.el7
  • evince-debuginfo-0:3.28.2-9.el7
  • evince-devel-0:3.28.2-9.el7
  • evince-dvi-0:3.28.2-9.el7
  • evince-libs-0:3.28.2-9.el7
  • evince-nautilus-0:3.28.2-9.el7
  • poppler-0:0.26.5-42.el7
  • poppler-cpp-0:0.26.5-42.el7
  • poppler-cpp-devel-0:0.26.5-42.el7
  • poppler-debuginfo-0:0.26.5-42.el7
  • poppler-demos-0:0.26.5-42.el7
  • poppler-devel-0:0.26.5-42.el7
  • poppler-glib-0:0.26.5-42.el7
  • poppler-glib-devel-0:0.26.5-42.el7
  • poppler-qt-0:0.26.5-42.el7
  • poppler-qt-devel-0:0.26.5-42.el7
  • poppler-utils-0:0.26.5-42.el7
refmap via4
bid 109342
confirm https://gitlab.freedesktop.org/poppler/poppler/blob/master/NEWS
fedora
  • FEDORA-2019-69ec14786b
  • FEDORA-2019-8729e0edf5
mlist
  • [debian-lts-announce] 20191017 [SECURITY] [DLA 1963-1] poppler security update
  • [debian-lts-announce] 20201108 [SECURITY] [DLA 2440-1] poppler security update
Last major update 11-02-2023 - 18:27
Published 22-07-2019 - 15:15
Last modified 11-02-2023 - 18:27
Back to Top