{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","type":"apk","namespace":"alpine","name":"xpdf","version":"4.05-r0","qualifiers":{"arch":"armhf","distroversion":"v3.20","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106824?format=json","vulnerability_id":"VCID-1azh-w2xf-rbda","summary":"In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2663","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.2308","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23177","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23132","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23076","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23192","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2663"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=42421","reference_id":"viewtopic.php?t=42421","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T16:02:53Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=42421"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-2663"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1azh-w2xf-rbda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106812?format=json","vulnerability_id":"VCID-2mxc-63vk-efb2","summary":"XPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2393.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38928","reference_id":"","reference_type":"","scores":[{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36242","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.3623","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36201","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36295","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36304","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36266","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38928"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421","reference_id":"viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:25:03Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2022-38928"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2mxc-63vk-efb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106816?format=json","vulnerability_id":"VCID-42hj-acwt-3bdq","summary":"An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41844","reference_id":"","reference_type":"","scores":[{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20622","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20696","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.2068","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20638","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20568","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.2058","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41844"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.xpdfreader.com/download.html","reference_id":"download.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:41:18Z/"}],"url":"http://www.xpdfreader.com/download.html"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928","reference_id":"viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:41:18Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42308&p=43844&hilit=XRef%3A%3Afetch#p43844","reference_id":"viewtopic.php?f=3&t=42308&p=43844&hilit=XRef%3A%3Afetch#p43844","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:41:18Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42308&p=43844&hilit=XRef%3A%3Afetch#p43844"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2022-41844"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-42hj-acwt-3bdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106814?format=json","vulnerability_id":"VCID-9dt7-5ad4-qycb","summary":"An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41843","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26841","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26943","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26935","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26896","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26843","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26851","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=1&t=42344","reference_id":"viewtopic.php?f=1&t=42344","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:39:46Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=1&t=42344"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421","reference_id":"viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:39:46Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2022-41843"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9dt7-5ad4-qycb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106813?format=json","vulnerability_id":"VCID-cd7a-5se5-afhm","summary":"An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo/gfile.cc.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41842","reference_id":"","reference_type":"","scores":[{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56375","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56431","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56437","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56425","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56408","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56426","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41842"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.xpdfreader.com/download.html","reference_id":"download.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:36:57Z/"}],"url":"http://www.xpdfreader.com/download.html"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928","reference_id":"viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:36:57Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2022-41842"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cd7a-5se5-afhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106821?format=json","vulnerability_id":"VCID-cmqb-67gm-hydf","summary":"Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-45587","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12761","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12818","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12732","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12768","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12852","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12857","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-45587"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=42361","reference_id":"viewtopic.php?t=42361","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-19T17:53:26Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=42361"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2022-45587"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cmqb-67gm-hydf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106795?format=json","vulnerability_id":"VCID-cvd7-qt5m-2beq","summary":"xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by (for example) sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced with the DCMAKE_CXX_COMPILER=afl-clang-fast++ option.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30775","reference_id":"","reference_type":"","scores":[{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44734","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44695","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44727","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44657","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44713","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44682","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30775"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2022-30775"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cvd7-qt5m-2beq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106822?format=json","vulnerability_id":"VCID-hdsx-xen8-x7c8","summary":"An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48545","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21689","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21681","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21719","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21796","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21785","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2174","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48545"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42092","reference_id":"viewtopic.php?f=3&t=42092","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:16:19Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42092"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2022-48545"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hdsx-xen8-x7c8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106826?format=json","vulnerability_id":"VCID-hjrq-bngf-1kaq","summary":"Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-26930","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34588","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34686","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34702","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34667","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34633","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34652","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-26930"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-26930"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hjrq-bngf-1kaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106828?format=json","vulnerability_id":"VCID-jpjr-nj14-bbaw","summary":"Xpdf 4.04 will deadlock on a PDF object stream whose \"Length\" field is itself in another object stream.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3436","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05376","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05357","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05352","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05313","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3436"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=42618","reference_id":"viewtopic.php?t=42618","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:57:28Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=42618"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-3436"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jpjr-nj14-bbaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106796?format=json","vulnerability_id":"VCID-jspw-7s1p-dbcg","summary":"XPDF v4.04 was discovered to contain a stack overflow vulnerability via the Object::Copy class of object.cc files.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-33108","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43284","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43236","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43275","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43203","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43261","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43226","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-33108"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2022-33108"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jspw-7s1p-dbcg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106817?format=json","vulnerability_id":"VCID-k1er-a99d-mqhp","summary":"A stack overflow in the Catalog::readPageLabelTree2(Object*) function of XPDF v4.04 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43071","reference_id":"","reference_type":"","scores":[{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25282","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25291","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29941","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29942","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29973","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.3001","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43071"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42349&p=43959#p43959","reference_id":"viewtopic.php?f=3&t=42349&p=43959#p43959","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-30T18:00:58Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42349&p=43959#p43959"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2022-43071"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k1er-a99d-mqhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106811?format=json","vulnerability_id":"VCID-ka4w-hhda-7yfz","summary":"XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38334","reference_id":"","reference_type":"","scores":[{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42913","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42987","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42998","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42975","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42939","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.4295","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38334"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2022-38334"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ka4w-hhda-7yfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106794?format=json","vulnerability_id":"VCID-m8gr-hqt3-pudz","summary":"There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by (for example) sending a crafted pdf file to the pdftotext binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30524","reference_id":"","reference_type":"","scores":[{"value":"0.01685","scoring_system":"epss","scoring_elements":"0.82579","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01685","scoring_system":"epss","scoring_elements":"0.82584","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01685","scoring_system":"epss","scoring_elements":"0.8258","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01685","scoring_system":"epss","scoring_elements":"0.82552","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01685","scoring_system":"epss","scoring_elements":"0.82577","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01685","scoring_system":"epss","scoring_elements":"0.82571","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30524"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2022-30524"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m8gr-hqt3-pudz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106797?format=json","vulnerability_id":"VCID-npn3-fgpc-5yb7","summary":"XPDF v4.0.4 was discovered to contain a segmentation violation via the component /xpdf/AcroForm.cc:538.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36561","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26639","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26742","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26733","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26693","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26649","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36561"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2022-36561"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-npn3-fgpc-5yb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106823?format=json","vulnerability_id":"VCID-pmk2-xwkn-9fht","summary":"In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2662","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10522","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10598","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10622","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10584","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10499","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2662"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=42505","reference_id":"viewtopic.php?t=42505","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T16:05:31Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=42505"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-2662"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pmk2-xwkn-9fht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106827?format=json","vulnerability_id":"VCID-qrev-jbmj-q7ba","summary":"An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code.     This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3044","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13861","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1395","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13953","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13916","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13832","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3044"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.xpdfreader.com/security-bug/CVE-2023-3044.html","reference_id":"CVE-2023-3044.html","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T17:53:02Z/"}],"url":"https://www.xpdfreader.com/security-bug/CVE-2023-3044.html"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://github.com/baker221/poc-xpdf","reference_id":"poc-xpdf","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T17:53:02Z/"}],"url":"https://github.com/baker221/poc-xpdf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-3044"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qrev-jbmj-q7ba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106818?format=json","vulnerability_id":"VCID-qw6v-nhw3-27d7","summary":"XPDF v4.04 was discovered to contain a stack overflow via the function FileStream::copy() at xpdf/Stream.cc:795.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43295","reference_id":"","reference_type":"","scores":[{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.2377","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23818","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23764","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.2379","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23884","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23868","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43295"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=42360","reference_id":"viewtopic.php?t=42360","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-13T19:25:09Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=42360"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2022-43295"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qw6v-nhw3-27d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106825?format=json","vulnerability_id":"VCID-tqzw-h6qj-kbh1","summary":"In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2664","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.16003","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15874","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15896","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.16013","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.1596","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2664"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=42422","reference_id":"viewtopic.php?t=42422","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T21:22:45Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=42422"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-2664"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tqzw-h6qj-kbh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106798?format=json","vulnerability_id":"VCID-vy5r-uvy1-kbf8","summary":"There is a use-after-free issue in JBIG2Stream::close() located in JBIG2Stream.cc in Xpdf 4.04. It can be triggered by sending a crafted PDF file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38222","reference_id":"","reference_type":"","scores":[{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38492","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38447","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38489","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38401","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38465","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38436","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38222"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2022-38222"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vy5r-uvy1-kbf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106819?format=json","vulnerability_id":"VCID-z648-3vdw-rkfj","summary":"Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-45586","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12761","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12818","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12732","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12768","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12852","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12857","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-45586"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=42361","reference_id":"viewtopic.php?t=42361","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-19T17:54:55Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=42361"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/307120?format=json","purl":"pkg:apk/alpine/xpdf@4.05-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2022-45586"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z648-3vdw-rkfj"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xpdf@4.05-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}