CPE-262716E3-6ABF-48AA-8BA1-A10BF23FCCE5 Detail

CPE Details

Freedesktop Poppler 20.12.1

Vendor

freedesktop

Product

poppler

Version

20.12.1

Created

2020-12-29
18h49 +00:00

Modified

2020-12-29
18h49 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:freedesktop:poppler:20.12.1:::::::*

Informations

Vendor

freedesktop

Product

poppler

Version

20.12.1

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2024-6239	2024-06-21 13h28 +00:00	A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.	7.5	High
CVE-2020-36023	2023-08-10 22h00 +00:00	An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.	6.5	Medium
CVE-2020-36024	2023-08-10 22h00 +00:00	An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.	5.5	Medium
CVE-2023-34872	2023-07-30 22h00 +00:00	A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.	5.5	Medium
CVE-2022-38784	2022-08-30 02h58 +00:00	Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.	7.8	High
CVE-2022-38171	2022-08-22 18h33 +00:00	Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2021-30860 (Apple CoreGraphics).	7.8	High
CVE-2021-30860	2021-08-24 18h49 +00:00	An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.	7.8	High
CVE-2020-35702	2020-12-25 00h02 +00:00	DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones in late December 2020, not the 20.12.1 release. In this situation, it should NOT be considered a Poppler vulnerability. However, several third-party Open Source projects directly rely on Poppler git clones made at arbitrary times, and therefore the CVE remains useful to users of those projects	7.8	High

Freedesktop Poppler 20.12.1

CPE Details

CPE Name: cpe:2.3:a:freedesktop:poppler:20.12.1:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:freedesktop:poppler:20.12.1:::::::*