VulnerableCode Package Details - pkg:alpm/archlinux/xpdf@4.00-2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/xpdf@4.00-2

Essentials
History (7)

purl	pkg:alpm/archlinux/xpdf@4.00-2

Next non-vulnerable version	4.01.01-1
Latest non-vulnerable version	4.04-1
Risk	1.4

Vulnerabilities affecting this package (7)

Vulnerability	Summary	Fixed by
VCID-bpmu-gg3s-buh5 Aliases: CVE-2018-7173	A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding.	4.01.01-1 Affected by 0 other vulnerabilities.
VCID-dgeq-w49g-eydx Aliases: CVE-2018-7452	A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.	4.01.01-1 Affected by 0 other vulnerabilities.
VCID-eyyu-rn4g-p3gf Aliases: CVE-2018-7455	An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.	4.01.01-1 Affected by 0 other vulnerabilities.
VCID-fzqk-draz-2kad Aliases: CVE-2018-7174	An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams.	4.01.01-1 Affected by 0 other vulnerabilities.
VCID-vtzx-euz7-vygu Aliases: CVE-2018-7453	Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service.	4.01.01-1 Affected by 0 other vulnerabilities.
VCID-yguc-b2n2-3bha Aliases: CVE-2018-7175	An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service via a JPX image with zero components.	4.01.01-1 Affected by 0 other vulnerabilities.
VCID-z7g1-26q1-sbfs Aliases: CVE-2018-7454	A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.	4.01.01-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:27:21.482338+00:00	Arch Linux Importer	Affected by	VCID-bpmu-gg3s-buh5	https://security.archlinux.org/AVG-640	38.0.0
2026-04-01T18:27:21.460664+00:00	Arch Linux Importer	Affected by	VCID-fzqk-draz-2kad	https://security.archlinux.org/AVG-640	38.0.0
2026-04-01T18:27:21.438836+00:00	Arch Linux Importer	Affected by	VCID-yguc-b2n2-3bha	https://security.archlinux.org/AVG-640	38.0.0
2026-04-01T18:27:21.418398+00:00	Arch Linux Importer	Affected by	VCID-dgeq-w49g-eydx	https://security.archlinux.org/AVG-640	38.0.0
2026-04-01T18:27:21.397747+00:00	Arch Linux Importer	Affected by	VCID-vtzx-euz7-vygu	https://security.archlinux.org/AVG-640	38.0.0
2026-04-01T18:27:21.375115+00:00	Arch Linux Importer	Affected by	VCID-z7g1-26q1-sbfs	https://security.archlinux.org/AVG-640	38.0.0
2026-04-01T18:27:21.351051+00:00	Arch Linux Importer	Affected by	VCID-eyyu-rn4g-p3gf	https://security.archlinux.org/AVG-640	38.0.0