VYPR

rpm package

suse/qpdf&distro=SUSE OpenStack Cloud Crowbar 9

pkg:rpm/suse/qpdf&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209

Vulnerabilities (2)

  • CVE-2022-34503Jul 22, 2022
    affected < 7.1.1-3.8.1fixed 7.1.1-3.8.1

    QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.

  • CVE-2021-36978Jul 20, 2021
    affected < 7.1.1-3.8.1fixed 7.1.1-3.8.1

    QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES_PDF::finish) when a certain downstream write fails.