python-pillow: Regular expression DoS in PDF format parser

A flaw was found in python-pillow. The PDF parser has a catastrophic backtracking regex that could be used as a DOS attack...

UBUNTU-CVE-2021-25292

An issue was discovered in Pillow before 8.1.1. The PDF parser allows a regular expression DoS ReDoS attack via a crafted PDF file because of a catastrophic backtracking regex...

UBUNTU-CVE-2018-1000039

In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file...

DEBIAN-CVE-2018-1000039

In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file...

PT-2018-9225 · Artifex +1 · Mupdf +1

Name of the Vulnerable Software and Affected Versions: Artifex MuPDF versions 1.12.0 and earlier Description: The issue allows an attacker to cause a denial of service via a crafted file, exploiting multiple reachable assertions in the PDF parser. Recommendations: For Artifex MuPDF versions 1.12....

xpdf: uninitialized Gfx::parser pointer dereference

The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service crash via unknown vectors that trigger an uninitialized pointer...

DEBIAN-CVE-2010-1639

The clipdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service crash via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length...