Lucene search
HistoryAug 11, 2023 - 2:15 p.m.
CVE-2021-25786
qpdf version 10.0.4
pl_ascii85decoder
remote code execution
pdf file
cve-2021-25786
5.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
26.1%
An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.
Affected configurations
Node
qpdf_projectqpdfMatch10.0.4
Related
osv
osv
CVE-2021-25786
2023-08-11 14:15:11
qpdf - security update
2023-08-29 00:00:00
prion
prion
Code injection
2023-08-11 14:15:00
debiancve
debiancve
CVE-2021-25786
2023-08-11 14:15:11
redhatcve
redhatcve
CVE-2021-25786
2023-08-22 17:49:08
cvelist
cvelist
CVE-2021-25786
2023-08-11 00:00:00
nessus
nessus
RHEL 9 : qpdf (Unpatched Vulnerability)
2024-06-03 00:00:00
Amazon Linux 2 : qpdf (ALAS-2024-2409)
2024-01-09 00:00:00
Debian DLA-3548-1 : qpdf - LTS security update
2023-08-30 00:00:00
cve
cve
CVE-2021-25786
2023-08-11 14:15:11
veracode
veracode
Use After Free
2023-08-17 11:12:22
ubuntucve
ubuntucve
CVE-2021-25786
2023-08-11 00:00:00
amazon
amazon
Important: qpdf
2024-01-03 21:04:00
debian
debian
[SECURITY] [DLA 3548-1] qpdf security update
2023-08-29 21:06:14
openvas
openvas
Debian: Security Advisory (DLA-3548-1)
2023-08-31 00:00:00
5.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
26.1%
Related for NVD:CVE-2021-25786