This page lists publicly disclosed CVE vulnerabilities affecting freedesktop poppler (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-50420 | An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion by supplying a crafted PDF file. This can lead to a Denial of Service (DoS). | [email protected] | 6.5 | 0.35% | 2025-08-04 | 2026-06-17 |
| CVE-2025-52886 | Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue. | [email protected] | 5.5 | 0.37% | 2025-07-02 | 2026-06-17 |
| CVE-2025-43903 | NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries. | [email protected] | 4.3 | 0.09% | 2025-04-18 | 2026-06-17 |
| CVE-2025-32365 | Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check. | [email protected] | 4.0 | 0.21% | 2025-04-05 | 2026-06-17 |
| CVE-2025-32364 | A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN. | [email protected] | 4.0 | 0.20% | 2025-04-05 | 2026-06-17 |
| CVE-2024-56378 | libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc. | [email protected] | 4.3 | 0.61% | 2024-12-22 | 2026-06-17 |
| CVE-2024-6239 | A flaw was found in Poppler's pdfinfo utility. This issue occurs when using the -dests parameter with the pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service. | [email protected] | 7.5 | 0.78% | 2024-06-21 | 2026-06-17 |
| CVE-2022-38349 | An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, which will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file. | [email protected] | 6.5 | 0.90% | 2023-08-22 | 2026-06-17 |
| CVE-2022-37052 | A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject. | [email protected] | 6.5 | 0.90% | 2023-08-22 | 2026-06-17 |
| CVE-2022-37051 | An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file. | [email protected] | 6.5 | 0.96% | 2023-08-22 | 2026-06-17 |
| CVE-2022-37050 | In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.cc allows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662. | [email protected] | 6.5 | 0.92% | 2023-08-22 | 2026-06-17 |
| CVE-2020-23804 | Uncontrolled recursion in pdfinfo and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input. | [email protected] | 7.5 | 0.89% | 2023-08-22 | 2026-06-16 |
| CVE-2020-18839 | Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service. | [email protected] | 6.5 | 0.57% | 2023-08-22 | 2026-06-16 |
| CVE-2020-36024 | An issue was discovered in freedesktop poppler version 20.12.1 that allows remote attackers to cause a denial of service (DoS) via a crafted .pdf file passed to the FoFiType1C::convertToType1 function. | [email protected] | 5.5 | 0.52% | 2023-08-11 | 2026-06-16 |
| CVE-2020-36023 | An issue was discovered in freedesktop poppler version 20.12.1 that allows remote attackers to cause a denial of service (DoS) via a crafted .pdf file passed to the FoFiType1C::cvtGlyph function. | [email protected] | 6.5 | 0.93% | 2023-08-11 | 2026-06-16 |
| CVE-2023-34872 | A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open. | [email protected] | 5.5 | 0.87% | 2023-07-31 | 2026-06-17 |
| CVE-2022-38784 | Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf. | [email protected] | 7.8 | 0.58% | 2022-08-29 | 2026-06-17 |
| CVE-2022-38171 | Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2021-30860 (Apple CoreGraphics). | [email protected] | 7.8 | 0.31% | 2022-08-22 | 2026-06-17 |
| CVE-2022-27337 | A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | [email protected] | 6.5 | 1.46% | 2022-05-05 | 2026-06-17 |
| CVE-2021-30860 KEV | An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | [email protected] | 7.8 | 75.99% | 2021-08-24 | 2026-06-16 |