Your submission was sent successfully! Close


Published: 1 March 2019

An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap() located in, can be triggered by sending a crafted pdf file to (for example) the pdfseparate binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to JArithmeticDecoder::decodeBit.



CVSS 3 base score: 8.8


Package Release Status
Launchpad, Ubuntu, Debian
bionic Deferred

cosmic Ignored
(reached end-of-life)
disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Deferred

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Deferred

jammy Deferred

precise Does not exist

trusty Does not exist
(trusty was needs-triage)
upstream Needs triage

xenial Deferred