Freedesktop » Poppler : Security Vulnerabilities, CVEs, CVSS score >= 9
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
Max CVSS
9.8
EPSS Score
1.02%
Published
2019-03-08
Updated
2020-07-23
Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via an invalid blend mode in the ExtGState dictionary in a crafted PDF document.
Max CVSS
9.3
EPSS Score
3.37%
Published
2016-05-06
Updated
2018-01-05
poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack.
Max CVSS
9.3
EPSS Score
0.14%
Published
2019-11-13
Updated
2020-08-18
3 vulnerabilities found