OESA-2024-1967 qpdf security update

QPDF is a command-line program that does structural, content-preserving transformations on PDF files. It could have been called something like pdf-to-pdf. It also provides many useful capabilities to developers of PDF-producing software or for people who just want to look at the innards of a PDF...

OESA-2024-1966 qpdf security update

QPDF is a command-line program that does structural, content-preserving transformations on PDF files. It could have been called something like pdf-to-pdf. It also provides many useful capabilities to developers of PDF-producing software or for people who just want to look at the innards of a PDF...

The vulnerability of the QPDF::processXRefStream function in the command-line utility for converting QPDF documents allows a attacker to cause a service failure.

The vulnerability of the QPDF::processXRefStream command-line utility for converting PDF documents is related to the lack of resource release after the expiration of its useful period. Exploiting this vulnerability could allow a malicious actor to cause service failures...

DEBIAN-CVE-2022-34503

QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted PDF file...