rpm package
suse/qpdf&distro=SUSE Enterprise Storage 6
pkg:rpm/suse/qpdf&distro=SUSE%20Enterprise%20Storage%206
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-34503 | — | < 8.0.2-150000.3.5.1 | 8.0.2-150000.3.5.1 | Jul 22, 2022 | QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | ||
| CVE-2021-36978 | — | < 8.0.2-150000.3.5.1 | 8.0.2-150000.3.5.1 | Jul 20, 2021 | QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES_PDF::finish) when a certain downstream write fails. |
- CVE-2022-34503Jul 22, 2022affected < 8.0.2-150000.3.5.1fixed 8.0.2-150000.3.5.1
QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
- CVE-2021-36978Jul 20, 2021affected < 8.0.2-150000.3.5.1fixed 8.0.2-150000.3.5.1
QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES_PDF::finish) when a certain downstream write fails.