28 matches found
EUVD-2022-51241
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-25725
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack->cache, which causes an...
CVE-2022-48545
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02...
CVE-2022-48545
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02...
CVE-2022-48545
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02...
CVE-2022-48545
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02...
Design/Logic Flaw
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02...
UBUNTU-CVE-2022-48545
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02...
CVE-2022-48545
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02...
CVE-2022-48545
CVE-2022-48545 : An infinite recursion in Catalog::findDestInTree can cause a denial of service in xpdf 4.02. The vulnerability is locally exploitable (attack vector: LOCAL) with a CVSS v3.1 base score of 5.5 (medium). The available sources explicitly describe the infinite recursion in Catalog::f...
CVE-2022-48545
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02...
CVE-2022-48545
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02...
CVE-2022-48545
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02...
Updated xpdf packages fix security vulnerabilities
In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack->cache, which causes a heap-use-after-free problem. The code of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to...
Fedora 32 : 1:xpdf (2021-4a437fe032)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-4a437fe032 advisory. - In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack->cache, which causes an...
CVE-2020-35376
Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp function...
Design/Logic Flaw
Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp function...
CVE-2020-35376
CVE-2020-35376 affects Xpdf 4.02, where FoFiType1C::getOp() misreferences a subroutine in a Type 1C font string, causing stack consumption. The Gentoo GLSA (GLSA-202405-18) recommends upgrading to Xpdf 4.04 or newer to fix the vulnerability. No exploitation details are provided in the connected d...
CVE-2020-35376
Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp function...
Heap overflow
In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack->cache, which causes a heap-use-after-free problem. The code of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to...