Shodan
Vulnerabilities
Vulnerable Software
Freedesktop:  >> Poppler  >> 20.12.1  Security Vulnerabilities
CVE-2025-50420
An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service (DoS).
CVSS Score
6.5
EPSS Score
0.002
Published
2025-08-04
CVE-2025-52886
Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue.
CVSS Score
5.9
EPSS Score
0.001
Published
2025-07-02
CVE-2025-43903
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-04-18
CVE-2025-32365
Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.
CVSS Score
4.0
EPSS Score
0.0
Published
2025-04-05
CVE-2025-32364
A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN.
CVSS Score
4.0
EPSS Score
0.0
Published
2025-04-05
CVE-2024-56378
libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc.
CVSS Score
4.3
EPSS Score
0.003
Published
2024-12-23
CVE-2024-6239
A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-06-21
CVE-2020-36023
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-08-11
CVE-2020-36024
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-08-11
CVE-2023-34872
A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.
CVSS Score
5.5
EPSS Score
0.002
Published
2023-07-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved