Linux Distros Unpatched Vulnerability : CVE-2021-25786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to PlASCII85Decoder::write parameter in...

RHEL 9 : qpdf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - qpdf: Heap use after free in PlASCII85Decoder::write CVE-2021-25786 Note that Nessus has not tested for this issue...

RHEL 8 : qpdf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - qpdf: Heap use after free in PlASCII85Decoder::write CVE-2021-25786 - qpdf: heap-based buffer overflow in...

Amazon Linux 2 : qpdf (ALAS-2024-2409)

The version of qpdf installed on the remote host is prior to 5.0.1-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2409 advisory. 2024-01-17: CVE-2021-36978 was added to this advisory. An issue was discovered in QPDF version 10.0.4, allows remote attacker...

Important: qpdf

Issue Overview: An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to PlASCII85Decoder::write parameter in libqpdf. CVE-2021-25786 QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in...

Debian: Security Advisory (DLA-3548-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-25786

An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to PlASCII85Decoder::write parameter in libqpdf...

CVE-2021-25786

An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to PlASCII85Decoder::write parameter in libqpdf...

CVE-2021-25786

An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to PlASCII85Decoder::write parameter in libqpdf...

CVE-2021-25786

An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to PlASCII85Decoder::write parameter in libqpdf...

CVE-2021-25786

CVE-2021-25786 affects QPDF 10.0.4, where a crafted PDF can trigger remote code execution via Pl_ASCII85Decoder::write in libqpdf. Multiple connected advisories (Debian DLA-3548, Red Hat unpatched advisories, and Amazon ALAS-2024-2409) corroborate the issue and indicate downstream fixes/upgrades ...

CVE-2021-25786

An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to PlASCII85Decoder::write parameter in libqpdf...