Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpdf xpdf vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4976
Out-of-bounds array write in Xpdf 4.05 and previous versions, due to missing object type check in AcroForm field reference.
NA
CVE-2024-4568
In Xpdf 4.05 (and previous versions), a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow.
NA
CVE-2024-4141
Out-of-bounds array write in Xpdf 4.05 and previous versions, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.
NA
CVE-2024-3900
Out-of-bounds array write in Xpdf 4.05 and previous versions, triggered by long Unicode sequence in ActualText.
NA
CVE-2024-3247
In Xpdf 4.05 (and previous versions), a PDF object loop in an object stream leads to infinite recursion and a stack overflow.
NA
CVE-2024-3248
In Xpdf 4.05 (and previous versions), a PDF object loop in the attachments leads to infinite recursion and a stack overflow.
NA
CVE-2024-2971
Out-of-bounds array write in Xpdf 4.05 and previous versions, triggered by negative object number in indirect reference in the input PDF file.
5.5
CVSSv3
CVE-2022-48545
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02.
Xpdfreader Xpdf 4.02
3.3
CVSSv3
CVE-2023-3436
Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream.
Xpdfreader Xpdf 4.04
3.3
CVSSv3
CVE-2023-3044
An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large ch...
Xpdfreader Xpdf
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »