Known Vulnerabilities for products from Xpdfreader
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Xpdfreader".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-36493 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-02-03 | 2023-02-09 |
| CVE-2021-30860 | An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, i... | 7.8 - HIGH | 2021-08-24 | 2024-02-02 |
| CVE-2021-27548 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2022-05-18 | 2022-05-26 |
| CVE-2020-35376 | Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the ... | 7.5 - HIGH | 2020-12-26 | 2023-11-07 |
| CVE-2020-25725 | In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed `t3GlyphStack... | 5.5 - MEDIUM | 2020-11-21 | 2023-12-13 |
| CVE-2020-24999 | There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a... | 7.8 - HIGH | 2020-09-03 | 2020-09-11 |
| CVE-2020-24996 | There is an invalid memory access in the function TextString::~TextString() located in Catalog.cc in Xpdf 4.0.2. It can be tr... | 7.8 - HIGH | 2020-09-03 | 2020-09-11 |
| CVE-2019-10026 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOp... | 5.5 - MEDIUM | 2019-03-25 | 2019-03-25 |
| CVE-2019-10025 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits. | 5.5 - MEDIUM | 2019-03-25 | 2019-03-25 |
| CVE-2019-10024 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham ... | 5.5 - MEDIUM | 2019-03-25 | 2019-03-25 |
| CVE-2019-10023 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOp... | 5.5 - MEDIUM | 2019-03-25 | 2019-06-27 |
| CVE-2019-10022 | An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc. | 5.5 - MEDIUM | 2019-03-25 | 2019-03-25 |
| CVE-2019-10021 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps. | 5.5 - MEDIUM | 2019-03-25 | 2019-06-27 |
| CVE-2019-10020 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham ... | 5.5 - MEDIUM | 2019-03-25 | 2019-03-25 |
| CVE-2019-10019 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nS... | 5.5 - MEDIUM | 2019-03-25 | 2019-06-27 |
| CVE-2019-10018 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOp... | 5.5 - MEDIUM | 2019-03-25 | 2023-03-01 |
| CVE-2019-9878 | There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0... | 7.8 - HIGH | 2019-03-21 | 2021-07-21 |
| CVE-2019-9877 | There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01,... | 7.8 - HIGH | 2019-03-21 | 2021-07-21 |
| CVE-2018-18651 | An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to launch a denial of service (h... | 5.5 - MEDIUM | 2018-10-25 | 2019-10-03 |
| CVE-2018-18650 | An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer... | 5.5 - MEDIUM | 2018-10-25 | 2018-12-06 |
Known software with vulnerabilities from Xpdfreader
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Xpdfreader | Xpdf | 0.2 |