Product:

Xpdf

(Xpdfreader)
Repositories
#Vulnerabilities 75
Date Id Summary Products Score Patch Annotated
2019-03-25 CVE-2019-10018 An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case. Ubuntu_linux, Debian_linux, Xpdf 5.5
2023-02-15 CVE-2022-45586 Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service. Xpdf 5.5
2023-02-15 CVE-2022-45587 Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service. Xpdf 5.5
2007-07-30 CVE-2007-3387 Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function. Cups, Ubuntu_linux, Debian_linux, Poppler, Gpdf, Xpdf N/A
2023-02-03 CVE-2021-36493 Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows attackers to crash the application via crafted command. Xpdf 7.5
2022-09-15 CVE-2022-38334 XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc. Xpdf 5.5
2022-11-15 CVE-2022-43071 A stack overflow in the Catalog::readPageLabelTree2(Object*) function of XPDF v4.04 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. Xpdf 5.5
2022-11-14 CVE-2022-43295 XPDF v4.04 was discovered to contain a stack overflow via the function FileStream::copy() at xpdf/Stream.cc:795. Xpdf 5.5
2022-08-22 CVE-2022-38171 Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2021-30860 (Apple CoreGraphics). Poppler, Xpdf 7.8
2022-09-30 CVE-2022-41843 An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928. Xpdf 5.5