VYPR

rpm package

suse/qpdf&distro=SUSE Linux Enterprise Server 15 SP1-BCL

pkg:rpm/suse/qpdf&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL

Vulnerabilities (2)

  • CVE-2022-34503Jul 22, 2022
    affected < 8.0.2-150000.3.5.1fixed 8.0.2-150000.3.5.1

    QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.

  • CVE-2021-36978Jul 20, 2021
    affected < 8.0.2-150000.3.5.1fixed 8.0.2-150000.3.5.1

    QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES_PDF::finish) when a certain downstream write fails.