VDB

GCVE-VVD-MAGEIA-2019-276

GCVE-VVD-MAGEIA-2019-276
Advisory Published
Vulnetix · Advisory published September 15, 2019
The updated packages fix security vulnerabilities: The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo. (CVE-2019-9959) An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc. (CVE-2019-10871)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiapoppler0 (affected), 0.52.0-3.14.mga6 (unaffected)
Mageiapoppler0 (affected), 0.74.0-3.2.mga7 (unaffected)

References

Updated poppler packages fix security vulnerabilities
advisory
Updated poppler packages fix security vulnerabilities
issue
Updated poppler packages fix security vulnerabilities
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›