Browse all 10 CVE security advisories affecting poppler. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Poppler is a widely used C++ library for rendering PDF documents, primarily integrated into applications requiring PDF processing capabilities. Historically, it has been susceptible to multiple remote code execution vulnerabilities due to issues in parsing PDF structures, along with cross-site scripting flaws and privilege escalation risks through maliciously crafted files. The library's complex parsing logic has frequently introduced memory corruption bugs, leading to 10 documented CVEs. While no major public security incidents have been widely reported, the consistent discovery of critical flaws in PDF parsing components highlights ongoing risks for applications relying on this library for handling untrusted document inputs.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-52885 | GHSL-2025-042: Poppler has Use-After-Free — popplerCWE-416 | 8.8AI | HighAI | 2025-10-10 |
| CVE-2025-52886 | Poppler Use After Free Vulnerability — popplerCWE-416 | 9.8 | - | 2025-07-02 |
| CVE-2012-2142 | Poppler 安全漏洞 — poppler | 7.8 | - | 2020-01-09 |
| CVE-2010-4654 | Poppler 注入漏洞 — poppler | 8.8 | - | 2019-11-13 |
| CVE-2010-4653 | Freedesktop Poppler 输入验证错误漏洞 — poppler | 8.1 | - | 2019-11-13 |
| CVE-2010-0207 | Xpdf 安全漏洞 — poppler | 5.5 | - | 2019-10-30 |
| CVE-2017-2814 | Poppler 缓冲区错误漏洞 — Poppler | 8.8 | - | 2017-07-12 |
| CVE-2017-2818 | Poppler 缓冲区错误漏洞 — Poppler | 8.8 | - | 2017-07-12 |
| CVE-2017-2820 | Poppler 数字错误漏洞 — Poppler | 8.8 | - | 2017-07-12 |
| CVE-2017-7511 | Poppler pdfunite 安全漏洞 — popplerCWE-476 | 5.5 | - | 2017-05-30 |
This page lists every published CVE security advisory associated with poppler. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.