Search CVE reports
61 – 70 of 205 results
A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered...
7 affected packages
texlive-bin, utopia-documents, emscripten, ipe, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| texlive-bin | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| utopia-documents | Not in release | Not in release | Not in release | Not in release |
| emscripten | Ignored | Ignored | Not in release | Ignored |
| ipe | Not affected | Not affected | Not affected | Not affected |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| poppler | Not affected | Not affected | Not affected | Not affected |
| xpdf | Not affected | Not affected | Not in release | Not affected |
A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an...
7 affected packages
emscripten, ipe, texlive-bin, libextractor, xpdf...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| emscripten | Ignored | Ignored | Not in release | Ignored |
| ipe | Not affected | Not affected | Not affected | Not affected |
| texlive-bin | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| xpdf | Not affected | Not affected | Not in release | Not affected |
| poppler | Not affected | Not affected | Not affected | Not affected |
| utopia-documents | Not in release | Not in release | Not in release | Not in release |
In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.
1 affected package
poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| poppler | — | — | — | Fixed |
FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc.
1 affected package
poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| poppler | — | — | Not affected | Ignored |
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.
1 affected package
poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| poppler | Not affected | Not affected | Not affected | Ignored |
An issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc.
1 affected package
poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| poppler | — | — | — | Not affected |
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function Splash::blitTransparent at splash/Splash.cc.
1 affected package
poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| poppler | — | — | — | Fixed |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case.
4 affected packages
ipe, libextractor, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | — | Not affected | Not affected | Not affected |
| libextractor | — | Not affected | Not affected | Not affected |
| poppler | — | Not affected | Not affected | Not affected |
| xpdf | — | Not affected | Not in release | Not affected |
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits.
4 affected packages
xpdf, ipe, libextractor, poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xpdf | — | Not affected | Not in release | Not affected |
| ipe | — | Not affected | Not affected | Not affected |
| libextractor | — | Not affected | Not affected | Not affected |
| poppler | — | Not affected | Not affected | Not affected |
Some fixes available 1 of 6
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters.
4 affected packages
xpdf, ipe, libextractor, poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xpdf | — | Not affected | Not in release | Not affected |
| ipe | — | Not affected | Not affected | Not affected |
| libextractor | — | Not affected | Not affected | Not affected |
| poppler | — | Not affected | Not affected | Not affected |