Search CVE reports

Toggle filters

51 – 60 of 203 results

CVE-2019-13287

Medium priority
Ignored

In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust() located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool....

4 affected packages

xpdf, ipe, libextractor, poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
xpdf Not affected Not in release Not affected
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
Show less packages

CVE-2019-13286

Medium priority
Ignored

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might...

4 affected packages

ipe, libextractor, poppler, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
xpdf Not affected Not in release Not affected
Show less packages

CVE-2019-13283

Low priority

Some fixes available 1 of 8

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. It can, for...

4 affected packages

xpdf, ipe, libextractor, poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
xpdf Not affected Not in release Not affected
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
Show less packages

CVE-2019-13282

Medium priority
Ignored

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the...

4 affected packages

xpdf, ipe, libextractor, poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
xpdf Not affected Not in release Not affected
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
Show less packages

CVE-2019-13281

Medium priority
Ignored

In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool....

4 affected packages

xpdf, ipe, libextractor, poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
xpdf Not affected Not in release Not affected
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
Show less packages

CVE-2019-12958

Medium priority

Some fixes available 12 of 19

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is trying to access the second privateDicts array element, because the privateDicts array has only one...

4 affected packages

xpdf, ipe, libextractor, poppler

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
xpdf Not affected Not in release Not affected
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Fixed Fixed Fixed
Show less packages

CVE-2019-12957

Medium priority
Ignored

In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF...

4 affected packages

ipe, libextractor, poppler, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
xpdf Not affected Not in release Not affected
Show less packages

CVE-2019-12515

Medium priority
Ignored

There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an...

4 affected packages

ipe, libextractor, poppler, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ipe Not affected Not affected Not affected
libextractor Not affected Not affected Not affected
poppler Not affected Not affected Not affected
xpdf Not affected Not in release Not affected
Show less packages

CVE-2019-12493

Negligible priority
Vulnerable

A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered...

7 affected packages

texlive-bin, utopia-documents, emscripten, ipe, libextractor...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
texlive-bin Vulnerable Vulnerable Vulnerable Vulnerable
utopia-documents Not in release Not in release Not in release Not in release
emscripten Ignored Ignored Not in release Ignored
ipe Not affected Not affected Not affected Not affected
libextractor Not affected Not affected Not affected Not affected
poppler Not affected Not affected Not affected Not affected
xpdf Not affected Not affected Not in release Not affected
Show all 7 packages Show less packages

CVE-2019-12360

Low priority
Vulnerable

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an...

7 affected packages

emscripten, ipe, texlive-bin, libextractor, xpdf...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
emscripten Ignored Ignored Not in release Ignored
ipe Not affected Not affected Not affected Not affected
texlive-bin Vulnerable Vulnerable Vulnerable Vulnerable
libextractor Not affected Not affected Not affected Not affected
xpdf Not affected Not affected Not in release Not affected
poppler Not affected Not affected Not affected Not affected
utopia-documents Not in release Not in release Not in release Not in release
Show all 7 packages Show less packages
  1. Previous page
  2. 4
  3. 5
  4. 6
  5. 7
  6. 8
  7. Next page
Export to JSON