Known Vulnerabilities for Xpdf by Xpdfreader
Listed below are 10 of the newest known vulnerabilities associated with "Xpdf" by "Xpdfreader".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-36493 | Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows attackers to crash the application via crafted command. | 7.5 - HIGH | 2023-02-03 | 2023-02-09 |
| CVE-2021-30860 | An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, i... | 7.8 - HIGH | 2021-08-24 | 2024-02-02 |
| CVE-2021-27548 | There is a Null Pointer Dereference vulnerability in the XFAScanner::scanNode() function in XFAScanner.cc in xpdf 4.03. | 5.5 - MEDIUM | 2022-05-18 | 2022-05-26 |
| CVE-2020-35376 | Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the ... | 7.5 - HIGH | 2020-12-26 | 2023-11-07 |
| CVE-2020-25725 | In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed `t3GlyphStack... | 5.5 - MEDIUM | 2020-11-21 | 2023-12-13 |
| CVE-2020-24999 | There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a... | 7.8 - HIGH | 2020-09-03 | 2020-09-11 |
| CVE-2020-24996 | There is an invalid memory access in the function TextString::~TextString() located in Catalog.cc in Xpdf 4.0.2. It can be tr... | 7.8 - HIGH | 2020-09-03 | 2020-09-11 |
| CVE-2019-10018 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOp... | 5.5 - MEDIUM | 2019-03-25 | 2023-03-01 |
| CVE-2019-9878 | There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0... | 7.8 - HIGH | 2019-03-21 | 2021-07-21 |
| CVE-2019-9877 | There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01,... | 7.8 - HIGH | 2019-03-21 | 2021-07-21 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Xpdfreader | Xpdf | 4.02 | All | All | All |
| Application | Xpdfreader | Xpdf | 4.01.01 | All | All | All |
| Application | Xpdfreader | Xpdf | 4.01 | All | All | All |
| Application | Xpdfreader | Xpdf | 4.00 | All | All | All |
| Application | Xpdfreader | Xpdf | 4.0.2 | All | All | All |
| Application | Xpdfreader | Xpdf | 4.0.1 | All | All | All |
| Application | Xpdfreader | Xpdf | 4.0.0 | All | All | All |
| Application | Xpdfreader | Xpdf | 3.04-4 | All | All | All |
| Application | Xpdfreader | Xpdf | 3.04-13 | All | All | All |
| Application | Xpdfreader | Xpdf | 3.04 | All | All | All |
| Application | Xpdfreader | Xpdf | 3.03-17 | All | All | All |
| Application | Xpdfreader | Xpdf | 3.03 | All | All | All |
| Application | Xpdfreader | Xpdf | 3.02 | pl5 | All | All |
| Application | Xpdfreader | Xpdf | 3.02 | All | All | All |
| Application | Xpdfreader | Xpdf | 3.02 | - | All | All |
| Application | Xpdfreader | Xpdf | 3.02 | pl1 | All | All |
| Application | Xpdfreader | Xpdf | 3.02 | pl2 | All | All |
| Application | Xpdfreader | Xpdf | 3.02 | pl3 | All | All |
| Application | Xpdfreader | Xpdf | 3.02 | pl4 | All | All |
| Application | Xpdfreader | Xpdf | 3.01 | pl2 | All | All |