Search for packages
| purl | pkg:deb/debian/xpdf@0?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1jb4-rynb-sfcq | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2023-3044
|
| VCID-28eu-nxmr-17bh | In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Information Disclosure. |
CVE-2019-13291
|
| VCID-2gzf-29w4-puhx | A vulnerability in Xpdf might allow local attackers to execute arbitrary code. |
CVE-2009-1144
|
| VCID-3dkg-qm6d-47ha | An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read. |
CVE-2019-14294
|
| VCID-3fmb-j9eh-auht | Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877. |
CVE-2019-16927
|
| VCID-3ndz-qv56-qkaz | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters. |
CVE-2019-10020
|
| VCID-4shg-5htw-9uep | Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid VerticesPerRow value in a PDF shading dictionary. |
CVE-2025-3154
|
| VCID-5rue-7ryh-9ufh | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2022-38222
|
| VCID-6dvh-784c-r7au | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2022-41844
|
| VCID-6fmz-b2w3-vbcn | Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code. |
CVE-2025-2574
|
| VCID-7545-4961-63bf | Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows attackers to crash the application via crafted command. |
CVE-2021-36493
|
| VCID-7ae3-ueje-kubk | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps. |
CVE-2019-10021
|
| VCID-7ka2-sa5g-x7he | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2022-30775
|
| VCID-88y1-wpv2-j3by | There is an invalid memory access in the function TextString::~TextString() located in Catalog.cc in Xpdf 4.0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. |
CVE-2020-24996
|
| VCID-8hwa-heth-qua6 | In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service, an information leak, or possibly unspecified other impact. |
CVE-2019-13281
|
| VCID-8tce-4d32-wkgy | Multiple vulnerabilities have been discovered in Xpdf, the worst of which could possibly lead to arbitrary code execution. |
CVE-2020-35376
|
| VCID-8tq7-kp8w-j7e1 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits. |
CVE-2019-10025
|
| VCID-8yrn-x9sm-muhy | There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01, which can (for example) be triggered by sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. |
CVE-2019-9877
|
| VCID-9hnb-h64u-zkev | In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact. |
CVE-2019-12957
|
| VCID-9m91-9mge-vbdx | In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. |
CVE-2019-13289
|
| VCID-9tn7-2y9w-6ufm | An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 3. |
CVE-2019-14291
|
| VCID-aa14-4spj-5yf7 | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2022-43071
|
| VCID-az67-jep9-qfhs | Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor. |
CVE-2019-17064
|
| VCID-bbb1-ck5d-8fg2 | Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature. |
CVE-2006-1244
|
| VCID-bft8-ctgf-a7c7 | In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero. |
CVE-2024-7867
|
| VCID-bkxu-yxes-4yf6 | There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. |
CVE-2019-9878
|
| VCID-btp4-tbj1-uqc3 | In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. |
CVE-2019-13286
|
| VCID-bvxw-w51x-vqc4 | An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 2. |
CVE-2019-14293
|
| VCID-cbt8-he6p-gye9 | XPDF commit ffaf11c was discovered to contain a global-buffer overflow via Lexer::getObj(Object*) at /xpdf/Lexer.cc. |
CVE-2022-38236
|
| VCID-ctgr-z8gu-fqeb | In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is trying to access the second privateDicts array element, because the privateDicts array has only one element allocated. |
CVE-2019-12958
|
| VCID-cxcd-xyg2-fudd | In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact. |
CVE-2019-13282
|
| VCID-d7re-9pmd-dfhy | In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow. |
CVE-2024-7866
|
| VCID-d9s7-un66-wqba | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2022-45586
|
| VCID-e1aj-xdke-bubt | There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a crafted PDF file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. |
CVE-2020-24999
|
| VCID-e7vq-33xj-gkgr | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2022-38334
|
| VCID-ebmd-5d52-u7ev | Out-of-bounds array write in Xpdf 4.06 and earlier, due to incorrect validation of the "N" field in ICCBased color spaces. |
CVE-2026-4407
|
| VCID-ebyg-yhza-wkaq | A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data. |
CVE-2019-12493
|
| VCID-f1fy-2gxa-63hb | xpdf: stack-overflow in pdftotext |
CVE-2024-3247
|
| VCID-gfxh-3er7-zyam | xpdf: buffer over-read via crafted PDF document leads to DoS or memory leak |
CVE-2019-12360
|
| VCID-ggaf-24m4-tudf | In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust() located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is related to CVE-2018-16368. |
CVE-2019-13287
|
| VCID-ggz4-xfsy-6qh9 | In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address. |
CVE-2024-7868
|
| VCID-gs8q-7m9v-h7bv | XPDF commit ffaf11c was discovered to contain a stack overflow via __asan_memcpy at asan_interceptors_memintrinsics.cpp. |
CVE-2022-38227
|
| VCID-gvg1-j3bg-jyhb | Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2.00 is a version from November 2002. |
CVE-2019-15860
|
| VCID-h2v8-y5wu-k7dt | XPDF commit ffaf11c was discovered to contain a segmentation violation via Lexer::getObj(Object*) at /xpdf/Lexer.cc. |
CVE-2022-38234
|
| VCID-hxqu-gusj-d7hm | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2022-30524
|
| VCID-hz7t-j44b-d7bk | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2022-41843
|
| VCID-j6yq-rtc5-gqar | An issue was discovered in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case. |
CVE-2019-14288
|
| VCID-ju4p-5km5-cqay | There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure or a denial of service. |
CVE-2019-12515
|
| VCID-k27e-xq9z-8qf8 | Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.” |
CVE-2023-26930
|
| VCID-kfq1-p85t-h7av | In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646. |
CVE-2019-13288
|
| VCID-kq6b-svq2-bydz | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2023-2662
|
| VCID-m3w5-n1vj-dkcj | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2023-3436
|
| VCID-m5tc-yrms-zuay | security flaw |
CVE-2005-0206
|
| VCID-m77c-kqwu-kbak | XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::readMCURow() at /xpdf/Stream.cc. |
CVE-2022-38233
|
| VCID-mf6e-623v-r3cj | Multiple vulnerabilities have been discovered in Xpdf, the worst of which could possibly lead to arbitrary code execution. |
CVE-2022-24107
|
| VCID-mj4u-8j1k-zfbh | xpdf: stack overflow via pdftpng |
CVE-2024-3248
|
| VCID-mnhc-1jgp-jqc8 | There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. |
CVE-2019-9589
|
| VCID-mzzq-p7nb-kfge | An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the file. |
CVE-2018-18651
|
| VCID-nd27-gfd1-yudu | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes. |
CVE-2019-10019
|
| VCID-neub-d4ap-q7fp | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case. |
CVE-2019-10026
|
| VCID-ngzc-42z2-8yae | Multiple vulnerabilities have been found in Poppler, some of which may allow execution of arbitrary code. |
CVE-2012-2142
|
| VCID-nxhw-mks9-uqeq | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc. |
CVE-2022-38229
|
| VCID-nyr4-77z2-jfau | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::getChar() at /xpdf/Stream.cc. |
CVE-2022-38231
|
| VCID-p219-w8nj-qqg7 | Poppler is affected by a memory management issue, which could lead to the execution of arbitrary code. |
CVE-2008-2950
|
| VCID-pu8x-kruh-pkbh | An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1. |
CVE-2019-14292
|
| VCID-pvpw-rgq1-n3ag | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2022-43295
|
| VCID-pzmc-rz89-gbb7 | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc. |
CVE-2022-38228
|
| VCID-qetq-kqkd-j7gf | Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc. |
CVE-2019-16088
|
| VCID-qj1g-cxtf-6yhq | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readScan() at /xpdf/Stream.cc. |
CVE-2022-38237
|
| VCID-rvy1-vpy6-2fas | XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::getChar() at /xpdf/Stream.cc. |
CVE-2022-38235
|
| VCID-rwk9-yxsj-9ye6 | XPDF commit ffaf11c was discovered to contain a floating point exception (FPE) via DCTStream::decodeImage() at /xpdf/Stream.cc. |
CVE-2022-38230
|
| VCID-s1y4-86gx-9ugs | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case. |
CVE-2019-10023
|
| VCID-s43w-xtc6-r7fs | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters. |
CVE-2019-10024
|
| VCID-s4uu-64gy-kkh4 | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2022-36561
|
| VCID-srxr-dp8e-ryg8 | An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case. |
CVE-2019-14289
|
| VCID-t5np-6g2m-cbbv | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2023-2663
|
| VCID-tq94-kdgr-s7hw | In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause Denial of Service or possibly unspecified other impact. |
CVE-2019-16115
|
| VCID-ttne-sgwp-k7bf | An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc. |
CVE-2019-10022
|
| VCID-tz12-qj2j-rkfh | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::lookChar() at /xpdf/Stream.cc. |
CVE-2022-38238
|
| VCID-uakq-uh46-juec | An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02. |
CVE-2022-48545
|
| VCID-ubtq-wukm-4fau | Multiple vulnerabilities have been discovered in Xpdf, the worst of which could possibly lead to arbitrary code execution. |
CVE-2020-25725
|
| VCID-uwft-v6jp-vkhg | In Xpdf 4.05 (and earlier), a PDF object loop in a CMap, via the "UseCMap" entry, leads to infinite recursion and a stack overflow. |
CVE-2025-11896
|
| VCID-vbux-p4cd-a3f9 | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2022-41842
|
| VCID-vqwt-nqkf-fkd7 | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2022-45587
|
| VCID-vsn4-3wj4-tqba | There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to Catalog::countPageTree. |
CVE-2019-9587
|
| VCID-w4js-d713-1ffu | An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA==6 case 2. |
CVE-2019-14290
|
| VCID-wz2m-37h6-t7cv | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2022-33108
|
| VCID-xt1y-bytw-zfa7 | In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact. |
CVE-2019-13283
|
| VCID-y38f-a865-fuae | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2022-38928
|
| VCID-y9t6-akg1-pqhz | There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. |
CVE-2019-9588
|
| VCID-ysst-cb32-t7dv | Multiple vulnerabilities have been discovered in Xpdf, the worst of which could possibly lead to arbitrary code execution. |
CVE-2022-27135
|
| VCID-yxrv-7mb5-ekfx | An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of memory. |
CVE-2018-18650
|
| VCID-z4s1-k1tj-13bf | Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. |
CVE-2023-2664
|
| VCID-zn54-s7jz-ruh8 | Multiple vulnerabilities have been found in Poppler, some of which may allow execution of arbitrary code. |
CVE-2010-4654
|