5 matches found
CVE-2026-42593 Gotenberg: Arbitrary PDF read via stampExpression and watermarkExpression in merge, split, and convert routes
Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, pdfengines/merge, pdfengines/split, libreoffice/convert, chromium/convert/url, chromium/convert/html, and chromium/convert/markdown accept stampSource=pdf + stampExpression=/path and watermarkSource=pdf +...
PT-2025-9098 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A crash occurs due to an unknown read issue. The crash involves the chunk obj alloc and pdfi read cff dict functions. Recommendations: At the moment, there is no information about a newer...
Security update for clamav
This update for clamav fixes the following issues: New version 1.4.2: CVE-2025-20128, bsc1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service DoS condition. Start clamonacc with --fdpass to avoid errors due to clamd not being able to acce...
CVE-2017-15587
An integer overflow was discovered in pdfreadnewxrefsection in pdf/pdf-xref.c in Artifex MuPDF 1.11...
CVE-2017-15587
An integer overflow was discovered in pdfreadnewxrefsection in pdf/pdf-xref.c in Artifex MuPDF 1.11...