18 matches found
CVE-2020-23878
Summary: CVE-2020-23878 affects pdf2json v0.71, with a stack buffer overflow in the XRef::fetch function. The vulnerability is documented across multiple feeds as a buffer overflow in a Java-based PDF-to-JSON library (pdf2json). Impact: CVSS metrics indicate high to critical severity (CVSS‑2.0: b...
CVE-2020-23879
CVE-2020-23879 affects pdf2json v0.71, with a NULL pointer dereference in ObjectStream::getObject. The vulnerability is documented across multiple feeds (NVD entry and Red Hat/CNVD/etc.), but the connected documents do not specify a vendor patch or remediation version. Impact details from NVD ind...
CVE-2020-19467
CVE-2020-19467 affects PDF2JSON 0.70, where the DCTStream::transformDataUnit function contains a use-after-free condition that can lead to Denial of Service. The issue is described consistently across multiple sources (NVD, RH Advisory, CNVD, OSV, CVE listings) as a DoS vulnerability caused by an...
CVE-2020-19468
PDF2JSON 0.70 contains a vulnerability in EmbedStream::getChar that can cause a Denial of Service via a null pointer dereference (invalid read of size 8). Affected software: PDF2JSON 0.70 (no further versions specified in the provided documents). The root cause is described as a null pointer dere...
CVE-2020-19465
CVE-2020-19465 concerns PDF2JSON 0.70, where the vulnerability resides in the function ObjectStream::getObject. The issue enables a Denial of Service via an invalid read of size 4 in the parsing path. This is a software-level bug within PDF2JSON's object stream handling, not an authentication or ...
CVE-2020-19463
The CVE-2020-19463 issue affects PDF2JSON 0.70, with the vulnerability in the vfprintf function that can trigger a stack overflow and cause a Denial of Service. The exploitation details are not provided in the sources, and remediation status is unclear; one PT Security entry notes that there is n...
CVE-2020-19471
CVE-2020-19471 affects PDF2JSON 0.70 due to a flaw in DCTStream::decodeImage that can cause a Denial of Service via an invalid read of size 4. This vulnerability is described across multiple sources (NVD, Red Hat, CNVD, OSV, CVE listings) with DoS impact and no public exploit details provided in ...
CVE-2020-19472
PDF2JSON 0.70 contains a Denial of Service vulnerability in DCTStream::readHuffSym caused by an invalid read of size 2. The issue is documented across multiple sources (e.g., NVD, RH, CNVD) and specifically affects PDF2JSON’s DCTStream::readHuffSym path. The connected documents confirm the vulner...
CVE-2018-14946
CVE-2018-14946 affects PDF2JSON 0.69. The HtmlString class in ImgOutputDev.cc uses mismatched memory management routines (malloc vs operator delete), which can lead to undefined behavior or crashes. Exploitation details and fixes are not provided in the supplied documents.
CVE-2020-18750
CVE-2020-18750: Buffer overflow in pdf2json 0.69 can allow local users to execute arbitrary code by converting a crafted PDF file. The issue is triggered during PDF processing in pdf2json, with local access required. The available connected documents do not provide explicit exploit details, affec...
CVE-2020-19466
CVE-2020-19466 affects PDF2JSON 0.70. The vulnerability is in DCTStream::transformDataUnit and allows a Denial of Service via an invalid read of size 1. Multiple sources (NVD, CNVD, Red Hat entries) describe the same issue; no exploit details or in-the-wild activity are provided in the connected ...
CVE-2020-19474
CVE-2020-19474 affects PDF2JSON 0.70, with a Use-After-Free in Gfx::doShowText that can trigger a Denial of Service. The Red Hat and CNVD/NVD entries corroborate a vulnerability in PDF2JSON’s text rendering path, but the publicly provided documents do not include concrete patch/versions beyond th...
CVE-2020-19469
The CVE concerns PDF2JSON 0.70, where a flaw in DCTStream::reset allows a Denial of Service via an invalid write of size 8. The vulnerability is tied to the PDF2JSON library’s DCTStream::reset routine and is described consistently across multiple sources in the connected documents. The provided m...
CVE-2020-19464
PDF2JSON 0.70 is affected by a Denial of Service via a stack overflow in the XRef::fetch function. The vulnerability affects the PDF2JSON library (version 0.70) and can be triggered by inputs processed through XRef::fetch, per multiple sources (including CVE-2020-19464 records and PT-2021-10349 n...
CVE-2020-19475
Vulnerability summary. CVE-2020-19475 affects PDF2JSON 0.70 (built on XPDF 3.02). The issue resides in CCITTFaxStream::lookChar, where an invalid write of size 2 can cause a Denial of Service. Multiple sources (NVD, RH, CNVD, OSV, CNVD) corroborate this description. The connected documents do not...
CVE-2018-14947
The CVE-2018-14947 issue affects PDF2JSON 0.69, specifically XmlFontAccu::CSStyle in XmlFonts.cc, where memory management routines are mismatched (operator new[] vs operator delete). This points to a potential memory corruption vulnerability. No exploit details or affected versions beyond 0.69 ar...
CVE-2020-19470
PDF2JSON 0.70 contains a vulnerability in DCTStream::getChar where a NULL pointer dereference can trigger Denial of Service. Affected software: PDF2JSON 0.70 (Java-based library as described). Root cause: NULL read in getChar leads to DoS. Exploitation details, affected versions beyond 0.70, work...
CVE-2020-19473
PDF2JSON 0.70 contains a Denial of Service vulnerability in DCTStream::decodeImage caused by an uncaught floating point exception. The issue lies in the image decoding path and leads to a DoS when processing crafted PDFs. The root cause is an unhandled floating-point exception. Connected sources ...