Xpdf Security Vulnerabilities and Issues — Xpdf CVE List

Lucene search

XpdfreaderXpdf

6 matches found

CVE•added 2022/09/30 5:15 a.m.•62 views

CVE-2022-41843

An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928.

5.5CVSS6AI score0.00106EPSS

CVE•added 2022/09/30 5:15 a.m.•58 views

CVE-2022-41844

An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088.

5.5CVSS5.5AI score0.00769EPSS

CVE•added 2022/09/15 9:15 p.m.•53 views

CVE-2022-38334

XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc.

5.5CVSS5.8AI score0.00043EPSS

CVE•added 2022/09/30 5:15 a.m.•53 views

CVE-2022-41842

An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo/gfile.cc.

5.5CVSS5.5AI score0.00251EPSS

CVE•added 2022/09/21 1:15 p.m.•42 views

CVE-2022-38928

XPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2393.

7.8CVSS6AI score0.00106EPSS

CVE•added 2022/09/29 3:15 a.m.•38 views

CVE-2022-38222

There is a use-after-free issue in JBIG2Stream::close() located in JBIG2Stream.cc in Xpdf 4.04. It can be triggered by sending a crafted PDF file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.

7.8CVSS7.9AI score0.00115EPSS