Xpdf
by Xpdf
CVEs (171)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-41842 | 0.00 | — | 0.00 | Sep 30, 2022 | An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo/gfile.cc. | |||
| CVE-2022-41843 | 0.00 | — | 0.00 | Sep 30, 2022 | An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928. | |||
| CVE-2022-41844 | 0.00 | — | 0.00 | Sep 30, 2022 | An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088. | |||
| CVE-2022-38928 | 0.00 | — | 0.00 | Sep 21, 2022 | XPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2393. | |||
| CVE-2022-38334 | 0.00 | — | 0.00 | Sep 15, 2022 | XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc. | |||
| CVE-2022-36561 | 0.00 | — | 0.00 | Aug 30, 2022 | XPDF v4.0.4 was discovered to contain a segmentation violation via the component /xpdf/AcroForm.cc:538. | |||
| CVE-2022-24106 | 0.00 | — | 0.00 | Aug 30, 2022 | In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. | |||
| CVE-2022-24107 | 0.00 | — | 0.00 | Aug 30, 2022 | Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc. | |||
| CVE-2022-38171 | 0.00 | — | 0.00 | Aug 22, 2022 | Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the… | |||
| CVE-2022-38238 | 0.00 | — | 0.00 | Aug 16, 2022 | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::lookChar() at /xpdf/Stream.cc. | |||
| CVE-2022-38237 | 0.00 | — | 0.00 | Aug 16, 2022 | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readScan() at /xpdf/Stream.cc. | |||
| CVE-2022-38236 | 0.00 | — | 0.00 | Aug 16, 2022 | XPDF commit ffaf11c was discovered to contain a global-buffer overflow via Lexer::getObj(Object*) at /xpdf/Lexer.cc. | |||
| CVE-2022-38235 | 0.00 | — | 0.00 | Aug 16, 2022 | XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::getChar() at /xpdf/Stream.cc. | |||
| CVE-2022-38234 | 0.00 | — | 0.00 | Aug 16, 2022 | XPDF commit ffaf11c was discovered to contain a segmentation violation via Lexer::getObj(Object*) at /xpdf/Lexer.cc. | |||
| CVE-2022-38233 | 0.00 | — | 0.00 | Aug 16, 2022 | XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::readMCURow() at /xpdf/Stream.cc. | |||
| CVE-2022-38231 | 0.00 | — | 0.00 | Aug 16, 2022 | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::getChar() at /xpdf/Stream.cc. | |||
| CVE-2022-38230 | 0.00 | — | 0.00 | Aug 16, 2022 | XPDF commit ffaf11c was discovered to contain a floating point exception (FPE) via DCTStream::decodeImage() at /xpdf/Stream.cc. | |||
| CVE-2022-38228 | 0.00 | — | 0.00 | Aug 16, 2022 | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc. | |||
| CVE-2022-38229 | 0.00 | — | 0.00 | Aug 16, 2022 | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc. | |||
| CVE-2022-38227 | 0.00 | — | 0.00 | Aug 16, 2022 | XPDF commit ffaf11c was discovered to contain a stack overflow via __asan_memcpy at asan_interceptors_memintrinsics.cpp. |
- CVE-2022-41842Sep 30, 2022risk 0.00cvss —epss 0.00
An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo/gfile.cc.
- CVE-2022-41843Sep 30, 2022risk 0.00cvss —epss 0.00
An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928.
- CVE-2022-41844Sep 30, 2022risk 0.00cvss —epss 0.00
An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088.
- CVE-2022-38928Sep 21, 2022risk 0.00cvss —epss 0.00
XPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2393.
- CVE-2022-38334Sep 15, 2022risk 0.00cvss —epss 0.00
XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc.
- CVE-2022-36561Aug 30, 2022risk 0.00cvss —epss 0.00
XPDF v4.0.4 was discovered to contain a segmentation violation via the component /xpdf/AcroForm.cc:538.
- CVE-2022-24106Aug 30, 2022risk 0.00cvss —epss 0.00
In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.
- CVE-2022-24107Aug 30, 2022risk 0.00cvss —epss 0.00
Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.
- CVE-2022-38171Aug 22, 2022risk 0.00cvss —epss 0.00
Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the…
- CVE-2022-38238Aug 16, 2022risk 0.00cvss —epss 0.00
XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::lookChar() at /xpdf/Stream.cc.
- CVE-2022-38237Aug 16, 2022risk 0.00cvss —epss 0.00
XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readScan() at /xpdf/Stream.cc.
- CVE-2022-38236Aug 16, 2022risk 0.00cvss —epss 0.00
XPDF commit ffaf11c was discovered to contain a global-buffer overflow via Lexer::getObj(Object*) at /xpdf/Lexer.cc.
- CVE-2022-38235Aug 16, 2022risk 0.00cvss —epss 0.00
XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::getChar() at /xpdf/Stream.cc.
- CVE-2022-38234Aug 16, 2022risk 0.00cvss —epss 0.00
XPDF commit ffaf11c was discovered to contain a segmentation violation via Lexer::getObj(Object*) at /xpdf/Lexer.cc.
- CVE-2022-38233Aug 16, 2022risk 0.00cvss —epss 0.00
XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::readMCURow() at /xpdf/Stream.cc.
- CVE-2022-38231Aug 16, 2022risk 0.00cvss —epss 0.00
XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::getChar() at /xpdf/Stream.cc.
- CVE-2022-38230Aug 16, 2022risk 0.00cvss —epss 0.00
XPDF commit ffaf11c was discovered to contain a floating point exception (FPE) via DCTStream::decodeImage() at /xpdf/Stream.cc.
- CVE-2022-38228Aug 16, 2022risk 0.00cvss —epss 0.00
XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc.
- CVE-2022-38229Aug 16, 2022risk 0.00cvss —epss 0.00
XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc.
- CVE-2022-38227Aug 16, 2022risk 0.00cvss —epss 0.00
XPDF commit ffaf11c was discovered to contain a stack overflow via __asan_memcpy at asan_interceptors_memintrinsics.cpp.
Page 4 of 9