VYPR

Xpdfreader

by Xpdf

CVEs (3)

  • CVE-2019-9589HigMar 6, 2019
    risk 0.51cvss 7.8epss 0.01

    There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault)…

  • CVE-2021-40226HigNov 10, 2022
    risk 0.49cvss 7.5epss 0.01

    xpdfreader 4.03 is vulnerable to Buffer Overflow.

  • CVE-2018-18650MedOct 25, 2018
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a…