Search CVE reports
181 – 190 of 490 results
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2.
4 affected packages
ipe, libextractor, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| poppler | Not affected | Not affected | Not affected | Not affected |
| xpdf | Not affected | Not affected | Not in release | Not affected |
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1.
4 affected packages
ipe, libextractor, xpdf, poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| xpdf | Not affected | Not affected | Not in release | Not affected |
| poppler | Not affected | Not affected | Not affected | Not affected |
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3.
4 affected packages
ipe, libextractor, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| poppler | Not affected | Not affected | Not affected | Not affected |
| xpdf | Not affected | Not affected | Not in release | Not affected |
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2.
4 affected packages
ipe, libextractor, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| poppler | Not affected | Not affected | Not affected | Not affected |
| xpdf | Not affected | Not affected | Not in release | Not affected |
An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case.
4 affected packages
ipe, libextractor, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| poppler | Not affected | Not affected | Not affected | Not affected |
| xpdf | Not affected | Not affected | Not in release | Not affected |
An issue was discovered in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case.
4 affected packages
ipe, libextractor, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| poppler | Not affected | Not affected | Not affected | Not affected |
| xpdf | Not affected | Not affected | Not in release | Not affected |
In qBittorrent before 4.1.7, the function Application::runExternalProgram() located in app/application.cpp allows command injection via shell metacharacters in the torrent name parameter or current tracker parameter, as...
1 affected package
qbittorrent
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qbittorrent | Not affected | Not affected | Not affected | Vulnerable |
In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an...
4 affected packages
ipe, libextractor, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | — | Not affected | Not affected | Not affected |
| libextractor | — | Not affected | Not affected | Not affected |
| poppler | — | Not affected | Not affected | Not affected |
| xpdf | — | Not affected | Not in release | Not affected |
In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool.
4 affected packages
ipe, libextractor, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | — | Not affected | Not affected | Not affected |
| libextractor | — | Not affected | Not affected | Not affected |
| poppler | — | Not affected | Not affected | Not affected |
| xpdf | — | Not affected | Not in release | Not affected |
In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646.
4 affected packages
ipe, xpdf, libextractor, poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | — | Not affected | Not affected | Not affected |
| xpdf | — | Not affected | Not in release | Not affected |
| libextractor | — | Not affected | Not affected | Not affected |
| poppler | — | Not affected | Not affected | Not affected |