Search CVE reports
161 – 170 of 203 results
xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.
6 affected packages
ipe, kdegraphics, koffice, libextractor, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ipe | — | — | — | — |
| kdegraphics | — | — | — | — |
| koffice | — | — | — | — |
| libextractor | — | — | — | — |
| poppler | — | — | — | — |
| xpdf | — | — | — | — |
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows...
3 affected packages
kdegraphics, poppler, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kdegraphics | — | — | — | — |
| poppler | — | — | — | — |
| xpdf | — | — | — | — |
Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote...
1 affected package
poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| poppler | — | — | — | — |
Some fixes available 39 of 108
Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service...
11 affected packages
koffice, gpdf, ipe, pdfkit.framework, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| koffice | Not in release | Not in release | Not in release | Not in release |
| gpdf | Not in release | Not in release | Not in release | Not in release |
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| pdfkit.framework | Not in release | Not in release | Not in release | Not in release |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| kdegraphics | Not in release | Not in release | Not in release | Not in release |
| pdftohtml | Not in release | Not in release | Not in release | Not in release |
| poppler | Fixed | Fixed | Fixed | Fixed |
| tetex-bin | Not in release | Not in release | Not in release | Not in release |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| xpdf | Not affected | Not affected | Not in release | Not affected |
Some fixes available 39 of 108
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute...
11 affected packages
koffice, gpdf, ipe, libextractor, xpdf...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| koffice | Not in release | Not in release | Not in release | Not in release |
| gpdf | Not in release | Not in release | Not in release | Not in release |
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| xpdf | Not affected | Not affected | Not in release | Not affected |
| kdegraphics | Not in release | Not in release | Not in release | Not in release |
| pdfkit.framework | Not in release | Not in release | Not in release | Not in release |
| pdftohtml | Not in release | Not in release | Not in release | Not in release |
| poppler | Fixed | Fixed | Fixed | Fixed |
| tetex-bin | Not in release | Not in release | Not in release | Not in release |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted...
1 affected package
poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| poppler | — | — | — | — |
Some fixes available 7 of 76
Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a...
11 affected packages
gpdf, ipe, kdegraphics, koffice, poppler...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gpdf | Not in release | Not in release | Not in release | Not in release |
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| kdegraphics | Not in release | Not in release | Not in release | Not in release |
| koffice | Not in release | Not in release | Not in release | Not in release |
| poppler | Not affected | Not affected | Not affected | Not affected |
| tetex-bin | Not in release | Not in release | Not in release | Not in release |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| pdfkit.framework | Not in release | Not in release | Not in release | Not in release |
| pdftohtml | Not in release | Not in release | Not in release | Not in release |
| xpdf | Not affected | Not affected | Not in release | Not affected |
Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2)...
1 affected package
poppler
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| poppler | — | — | — | — |
Some fixes available 38 of 105
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service...
11 affected packages
gpdf, ipe, libextractor, kdegraphics, koffice...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gpdf | Not in release | Not in release | Not in release | Not in release |
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| kdegraphics | Not in release | Not in release | Not in release | Not in release |
| koffice | Not in release | Not in release | Not in release | Not in release |
| pdfkit.framework | Not in release | Not in release | Not in release | Not in release |
| pdftohtml | Not in release | Not in release | Not in release | Not in release |
| poppler | Fixed | Fixed | Fixed | Fixed |
| tetex-bin | Not in release | Not in release | Not in release | Not in release |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| xpdf | Not affected | Not affected | Not in release | Not affected |
Some fixes available 38 of 105
Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer...
11 affected packages
kdegraphics, gpdf, ipe, xpdf, libextractor...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kdegraphics | Not in release | Not in release | Not in release | Not in release |
| gpdf | Not in release | Not in release | Not in release | Not in release |
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xpdf | Not affected | Not affected | Not in release | Not affected |
| libextractor | Not affected | Not affected | Not affected | Not affected |
| koffice | Not in release | Not in release | Not in release | Not in release |
| pdfkit.framework | Not in release | Not in release | Not in release | Not in release |
| pdftohtml | Not in release | Not in release | Not in release | Not in release |
| poppler | Fixed | Fixed | Fixed | Fixed |
| tetex-bin | Not in release | Not in release | Not in release | Not in release |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |