227 matches found
UBUNTU-CVE-2024-46952
An issue was discovered in pdf/pdfxref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream related to W array values...
SUSE CVE-2024-46952
An issue was discovered in pdf/pdfxref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream related to W array values...
PT-2024-7789 · Artifex +7 · Artifex Ghostscript +7
Name of the Vulnerable Software and Affected Versions: Artifex Ghostscript versions prior to 10.04.0 Description: A buffer overflow issue exists in the pdf/pdf xref.c file of Artifex Ghostscript, related to the handling of a PDF XRef stream and W array values. This issue can be exploited by a...
OESA-2024-1967 qpdf security update
QPDF is a command-line program that does structural, content-preserving transformations on PDF files. It could have been called something like pdf-to-pdf. It also provides many useful capabilities to developers of PDF-producing software or for people who just want to look at the innards of a PDF...
OESA-2024-1966 qpdf security update
QPDF is a command-line program that does structural, content-preserving transformations on PDF files. It could have been called something like pdf-to-pdf. It also provides many useful capabilities to developers of PDF-producing software or for people who just want to look at the innards of a PDF...
SUSE-SU-2024:2287-1 Security update for podofo
This update for podofo fixes the following issues: - PdfEncrypt: Validate more encrypt dictionary parameters bsc1213720 - PdfXRefStreamParserObject: Fixed handling of invalid XRef stream entries bsc1213720 - Drop unused backup sources to clean up the compile env bsc1213720...
PT-2024-40997 · Podofo · Podofo
Name of the Vulnerable Software and Affected Versions: podofo affected versions not specified Description: The issue concerns the validation of encrypt dictionary parameters in PdfEncrypt and the handling of invalid XRef stream entries in PdfXRefStreamParserObject. Additionally, there is a cleanu...
PT-2024-40996 · Podofo · Podofo
Name of the Vulnerable Software and Affected Versions: podofo affected versions not specified Description: The issue concerns the validation of encrypt dictionary parameters in PdfEncrypt and the handling of invalid XRef stream entries in PdfXRefStreamParserObject. Recommendations: At the moment,...
Crash Issue
Xpdf is vulnerable to a crash issue. The vulnerability is due to a crash in the XRef::fetchint, int, Object, int function in xpdf/XRef.cc...
The vulnerability of the XRef::fetch() function in PDF viewing software, Xpdf, allows a malicious actor to cause an unexpected termination of the application.
The vulnerability of the XRef::fetch function xpdf/XRef.cc in PDF viewing software like Xpdf is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to cause the application to terminate abnormally...
SUSE SLED15: libpoppler-cpp0 / libpoppler-cpp0-32bit / libpoppler-devel / etc (SUSE-SU-2023:3947-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3947-1 advisory. - CVE-2022-37050: Fixed denial-of-service via savePageAs in PDFDoc.c bsc1214622. - CVE-2022-3705...
The vulnerability of the Poppler PDF rendering library, related to improper resource termination or resource release, allows a perpetrator to trigger a service failure.
The vulnerability of the Poppler PDF rendering library is related to PDF files in which the xref data structure is incorrectly processed during the getCatalog operation. Exploiting this vulnerability can allow an attacker to cause service failures...
ROS-20230918-04
A vulnerability in the Poppler PDF rendering library is related to the lack of thread checking before saving the embedded main function file in pdfunite.cc. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the Poppler PDF...
OESA-2023-1611 poppler security update
Poppler is a free software utility library for rendering Portable Document Format PDF documents. \ Its development is supported by freedesktop.org. It is commonly used on Linux systems,and is used by \ the PDF viewers of the open source GNOME and KDE desktop environments. Security Fixes:...
OESA-2023-1612 poppler security update
Poppler is a free software utility library for rendering Portable Document Format PDF documents. \ Its development is supported by freedesktop.org. It is commonly used on Linux systems,and is used by \ the PDF viewers of the open source GNOME and KDE desktop environments. Security Fixes:...
SUSE CVE-2022-37050
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...
CVE-2022-37050
A vulnerability was found in poppler, where PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing...
CVE-2022-37050
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...
DEBIAN-CVE-2022-37050
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...
Design/Logic Flaw
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of...