VYPR

Pdfium

by Google

CVEs (31)

  • CVE-2019-5855Nov 25, 2019
    risk 0.00cvss epss 0.01

    Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

  • CVE-2019-13679Nov 25, 2019
    risk 0.00cvss epss 0.01

    Insufficient policy enforcement in PDFium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to show print dialogs via a crafted PDF file.

  • CVE-2019-5820Jun 27, 2019
    risk 0.00cvss epss 0.01

    Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

  • CVE-2015-6779Dec 6, 2015
    risk 0.00cvss epss 0.02

    PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs, which allows remote attackers to bypass intended scheme restrictions via a crafted PDF document, as demonstrated by a document with a link to a chrome://settings URL.

  • CVE-2015-6775Dec 6, 2015
    risk 0.00cvss epss 0.02

    fpdfsdk/src/jsapi/fxjs_v8.cpp in PDFium, as used in Google Chrome before 47.0.2526.73, does not use signatures, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."

  • CVE-2015-1273Jul 23, 2015
    risk 0.00cvss epss 0.02

    Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid JPEG2000 data in a PDF document.

  • CVE-2015-1259May 20, 2015
    risk 0.00cvss epss 0.01

    PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • CVE-2015-1225Mar 9, 2015
    risk 0.00cvss epss 0.01

    PDFium, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

  • CVE-2014-9647Jan 27, 2015
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in PDFium, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk/src/fpdfview.cpp and fpdfsdk/src/fsdk_mgr.cpp, a…

  • CVE-2014-7901Nov 19, 2014
    risk 0.00cvss epss 0.01

    Integer overflow in the opj_t2_read_packet_data function in fxcodec/fx_libopenjpeg/libopenjpeg20/t2.c in OpenJPEG in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long…

  • CVE-2014-7900Nov 19, 2014
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile function in fpdfapi/fpdf_parser/fpdf_parser_parser.cpp in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a…

Page 2 of 2