Phantompdf@10.0.0.35798 Security Vulnerabilities and Issues — Phantompdf@10.0.0.35798 CVE List

Lucene search

FoxitsoftwarePhantompdf10.0.0.35798

5 matches found

CVE•added 2020/08/20 1:17 a.m.•68 views

CVE-2020-15638

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.2.29539. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Nod...

7.8CVSS7.9AI score0.00374EPSS

CVE•added 2020/08/20 1:17 a.m.•58 views

CVE-2020-15637

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

4.3CVSS3.8AI score0.00897EPSS

CVE•added 2020/09/04 4:15 a.m.•48 views

CVE-2020-11493

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information about an uninitialized object because of direct transformation from PDF Object to Stream without concern for a crafted XObject.

8.1CVSS7.6AI score0.00075EPSS

CVE•added 2020/09/04 4:15 a.m.•46 views

CVE-2020-12247

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may also occur.

7.1CVSS6.6AI score0.00129EPSS

CVE•added 2020/09/04 4:15 a.m.•43 views

CVE-2020-12248

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled.

8.8CVSS9AI score0.00527EPSS