Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

All statuses
Filter by:
With package: poppler_gi

Found 5 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2010-0207
created 1 month, 4 weeks ago
In xpdf, the xref table contains an infinite loop which …

In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.

Affected products

poppler
  • ==0.26.5-2

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2012-2142
created 1 month, 4 weeks ago
The error function in Error.cc in poppler before 0.21.4 allows …

The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.

References

Affected products

poppler
  • ==before 0.21.4

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2010-4654
created 1 month, 4 weeks ago
poppler before 0.16.3 has malformed commands that may cause corruption …

poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack.

References

Affected products

poppler
  • ==before 0.16.3

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2010-4653
created 1 month, 4 weeks ago
An integer overflow condition in poppler before 0.16.3 can occur …

An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.

References

Affected products

poppler
  • ==before 0.16.3

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2024-6239
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 1 year, 3 months ago
Poppler: pdfinfo: crash in broken documents when using -dests parameter

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.

References

Affected products

poppler
  • *
  • =<24.06.1
compat-poppler022
gimp:flatpak/poppler
  • *
inkscape:flatpak/poppler
  • *
libreoffice:flatpak/poppler
  • *

Matching in nixpkgs

Package maintainers