Search CVE reports

Toggle filters

11 – 20 of 109 results

CVE-2019-14289

Medium priority
Needs evaluation

An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case.

4 affected packages

ipe, libextractor, poppler, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ipe Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libextractor Not affected Not affected Not affected Not affected
poppler Not affected Not affected Not affected Not affected
xpdf Not affected Not affected Not in release Not affected
Show less packages

CVE-2019-14288

Medium priority
Needs evaluation

An issue was discovered in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case.

4 affected packages

ipe, libextractor, poppler, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ipe Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libextractor Not affected Not affected Not affected Not affected
poppler Not affected Not affected Not affected Not affected
xpdf Not affected Not affected Not in release Not affected
Show less packages

CVE-2019-13291

Medium priority
Ignored

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an...

4 affected packages

ipe, libextractor, poppler, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
xpdf Not affected Not in release Not affected
Show less packages

CVE-2019-13289

Medium priority
Ignored

In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool.

4 affected packages

ipe, libextractor, poppler, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
xpdf Not affected Not in release Not affected
Show less packages

CVE-2019-13288

Medium priority
Ignored

In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646.

4 affected packages

ipe, xpdf, libextractor, poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ipe Not affected Not affected Not affected
xpdf Not affected Not in release Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
Show less packages

CVE-2019-13287

Medium priority
Ignored

In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust() located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool....

4 affected packages

xpdf, ipe, libextractor, poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
xpdf Not affected Not in release Not affected
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
Show less packages

CVE-2019-13286

Medium priority
Ignored

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might...

4 affected packages

ipe, libextractor, poppler, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
xpdf Not affected Not in release Not affected
Show less packages

CVE-2019-13283

Low priority

Some fixes available 1 of 8

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. It can, for...

4 affected packages

xpdf, ipe, libextractor, poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
xpdf Not affected Not in release Not affected
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
Show less packages

CVE-2019-13282

Medium priority
Ignored

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the...

4 affected packages

xpdf, ipe, libextractor, poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
xpdf Not affected Not in release Not affected
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
Show less packages

CVE-2019-13281

Medium priority
Ignored

In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool....

4 affected packages

xpdf, ipe, libextractor, poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
xpdf Not affected Not in release Not affected
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. 5
  7. Next page
Export to JSON