Package | poppler |
---|---|
Version | 0.48.0-2+deb9u7 (stretch) |
Related CVEs | CVE-2017-7515 CVE-2017-14617 CVE-2018-20551 CVE-2019-9903 CVE-2020-23804 CVE-2022-37050 CVE-2022-37051 CVE-2022-37052 CVE-2022-38349 CVE-2024-56378 CVE-2025-32364 CVE-2025-32365 |
Multiple vulnerabilities were discovered in poppler, a PDF rendering library, which could result in denial of service. An attacker could make poppler-based applications crash by supplying crafted PDF files that trigger reachable assertions, uncontrolled recursion, floating-point exceptions or out-of-bounds reads in the JBIG2 decoder.
Additionally, boomaga (BOOklet MAnager), a virtual preview printer, was rebuilt to handle ABI-breaking changes in the poppler private API.
-
CVE-2017-7515
An uncontrolled recursion in pdfunite resulting in a potential denial of service. Note: this fix is a prerequisite for the fix for CVE-2019-9903.
-
CVE-2017-14617
This update completes the fix; the initial fix shipped in 0.48.0-2+deb9u1. For reference:
A floating-point exception occurs in the ImageStream class in Stream.cc, which may lead to a potential attack when handling malicious PDF files.
-
CVE-2018-20551
A reachable Object::getString assertion allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.cc.
-
CVE-2019-9903
PDFDoc::markObject in PDFDoc.cc mishandles dict marking, leading to stack exhaustion in the function Dict::find() located in Dict.cc, which can (for example) be triggered by passing a crafted PDF file to the pdfunite binary.
-
CVE-2020-23804
Uncontrolled recursion in pdfinfo and pdftops allows remote attackers to cause a denial of service via crafted input.
-
CVE-2022-37050
PDFDoc::savePageAs in PDFDoc.cc allows attackers to cause a denial of service (application crash with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by an incomplete fix for CVE-2018-20662.
-
CVE-2022-37051
A reachable abort leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file.
-
CVE-2022-37052
A reachable Object::getString assertion allows attackers to cause a denial of service due to a failure in markObject.
-
CVE-2022-38349
A reachable assertion in Object.h leads to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file.
-
CVE-2024-56378
An out-of-bounds read in the JBIG2Bitmap::combine function in JBIG2Stream.cc.
-
CVE-2025-32364
A floating-point exception in the PSStack::roll function can cause an application to crash when handling malformed inputs associated with INT_MIN.
-
CVE-2025-32365
Poppler allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc (the same function affected by CVE-2024-56378) because of a misplaced isOk check.
For Debian 9 stretch, these problems have been fixed in version 0.48.0-2+deb9u7.
We recommend that you upgrade your poppler packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.