5 matches found
NewStart CGSL MAIN 7.02 : xpdf Multiple Vulnerabilities (NS-SA-2025-0121)
The remote NewStart CGSL host, running version MAIN 7.02, has xpdf packages installed that are affected by multiple vulnerabilities: - XPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2393. CVE-2022-38928 - There is a use-after-free issue in JBIG2Stream::close located in...
GLSA-202409-25 : Xpdf: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202409-25 Xpdf: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Xpdf. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from th...
Mageia: Security Advisory (MGASA-2024-0035)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-38222
CVE-2022-38222 affects Xpdf 4.04, with a use-after-free in JBIG2Stream::close() (JBIG2Stream.cc). Triggered by sending a crafted PDF to pdfimages, it allows Denial of Service and possibly other impact. Public sources in the connected documents confirm the vulnerability and indicate fixes in later...
CVE-2022-38222
There is a use-after-free issue in JBIG2Stream::close located in JBIG2Stream.cc in Xpdf 4.04. It can be triggered by sending a crafted PDF file to for example the pdfimages binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact...