Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdfreader vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-2662
In Xpdf 4.04 (and previous versions), a bad color space object in the input PDF file can cause a divide-by-zero.
Xpdfreader Xpdf
NA
CVE-2023-2663
In Xpdf 4.04 (and previous versions), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.
Xpdfreader Xpdf
NA
CVE-2023-2664
In Xpdf 4.04 (and previous versions), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.
Xpdfreader Xpdf
NA
CVE-2022-38334
XPDF v4.04 and previous versions exists to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc.
Xpdfreader Xpdf
NA
CVE-2023-3044
An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large ch...
Xpdfreader Xpdf
1 Github repository
NA
CVE-2022-24106
In Xpdf before 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.
Glyphandcog Xpdfreader
NA
CVE-2022-24107
Xpdf before 4.04 lacked an integer overflow check in JPXStream.cc.
Glyphandcog Xpdfreader
6.8
CVSSv2
CVE-2022-33108
XPDF v4.04 exists to contain a stack overflow vulnerability via the Object::Copy class of object.cc files.
Xpdfreader Xpdf 4.04
NA
CVE-2022-38222
There is a use-after-free issue in JBIG2Stream::close() located in JBIG2Stream.cc in Xpdf 4.04. It can be triggered by sending a crafted PDF file to (for example) the pdfimages binary. It allows an malicious user to cause Denial of Service or possibly have unspecified other impac...
Xpdfreader Xpdf 4.04
NA
CVE-2022-43071
A stack overflow in the Catalog::readPageLabelTree2(Object*) function of XPDF v4.04 allows malicious users to cause a Denial of Service (DoS) via a crafted PDF file.
Xpdfreader Xpdf 4.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »