Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-f8ue-ced9-qqfn

Summary Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index.

Aliases

alias	CVE-2005-3191

Fixed_packages

url	pkg:deb/debian/cups@1.1.23-13?distro=trixie
purl	pkg:deb/debian/cups@1.1.23-13?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups@1.1.23-13%3Fdistro=trixie

url pkg:deb/debian/cups@2.3.3op2-3%2Bdeb11u8?distro=trixie

purl pkg:deb/debian/cups@2.3.3op2-3%2Bdeb11u8?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1wfz-u1qd-8uce

vulnerability	VCID-4jhb-rh62-4ke5

vulnerability	VCID-8vbg-dcp3-n7fp

vulnerability	VCID-9cd4-uus2-97c1

vulnerability	VCID-gxr3-588f-ubh9

vulnerability	VCID-mwkj-qy8g-vbgj

vulnerability	VCID-q3af-s63q-m3hf

vulnerability	VCID-shvg-s168-qqb5

vulnerability	VCID-vzg1-7brk-f3hj

vulnerability	VCID-zsc7-csmh-cqdv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups@2.3.3op2-3%252Bdeb11u8%3Fdistro=trixie

url pkg:deb/debian/cups@2.4.2-3%2Bdeb12u9?distro=trixie

purl pkg:deb/debian/cups@2.4.2-3%2Bdeb12u9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1wfz-u1qd-8uce

vulnerability	VCID-4jhb-rh62-4ke5

vulnerability	VCID-8vbg-dcp3-n7fp

vulnerability	VCID-9cd4-uus2-97c1

vulnerability	VCID-gxr3-588f-ubh9

vulnerability	VCID-mwkj-qy8g-vbgj

vulnerability	VCID-q3af-s63q-m3hf

vulnerability	VCID-shvg-s168-qqb5

vulnerability	VCID-vzg1-7brk-f3hj

vulnerability	VCID-zsc7-csmh-cqdv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups@2.4.2-3%252Bdeb12u9%3Fdistro=trixie

url pkg:deb/debian/cups@2.4.10-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/cups@2.4.10-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1wfz-u1qd-8uce

vulnerability	VCID-4jhb-rh62-4ke5

vulnerability	VCID-8vbg-dcp3-n7fp

vulnerability	VCID-9cd4-uus2-97c1

vulnerability	VCID-gxr3-588f-ubh9

vulnerability	VCID-mwkj-qy8g-vbgj

vulnerability	VCID-q3af-s63q-m3hf

vulnerability	VCID-shvg-s168-qqb5

vulnerability	VCID-vzg1-7brk-f3hj

vulnerability	VCID-zsc7-csmh-cqdv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups@2.4.10-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/cups@2.4.18-1?distro=trixie
purl	pkg:deb/debian/cups@2.4.18-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups@2.4.18-1%3Fdistro=trixie

url	pkg:deb/debian/libextractor@0.5.8-1?distro=trixie
purl	pkg:deb/debian/libextractor@0.5.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@0.5.8-1%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-2%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-7%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-8%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-10%3Fdistro=trixie

url	pkg:deb/debian/poppler@0.4.2-1.1?distro=trixie
purl	pkg:deb/debian/poppler@0.4.2-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.4.2-1.1%3Fdistro=trixie

url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25s4-qujz-8kcf

vulnerability	VCID-4n4u-c4u9-kkep

vulnerability	VCID-4y9q-jfwk-5bde

vulnerability	VCID-arhw-n285-r3dv

vulnerability	VCID-e3pp-vnez-rude

vulnerability	VCID-r2f4-bgaw-t7gu

vulnerability	VCID-sw3e-49nw-w7fv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-25s4-qujz-8kcf

vulnerability	VCID-4n4u-c4u9-kkep

vulnerability	VCID-4y9q-jfwk-5bde

vulnerability	VCID-arhw-n285-r3dv

vulnerability	VCID-e3pp-vnez-rude

vulnerability	VCID-r2f4-bgaw-t7gu

vulnerability	VCID-sw3e-49nw-w7fv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4n4u-c4u9-kkep

vulnerability	VCID-4y9q-jfwk-5bde

vulnerability	VCID-e3pp-vnez-rude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie

purl pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-e3pp-vnez-rude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-11.1%3Fdistro=trixie

url	pkg:deb/debian/poppler@26.01.0-4.1?distro=trixie
purl	pkg:deb/debian/poppler@26.01.0-4.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-4.1%3Fdistro=trixie

url	pkg:deb/debian/xpdf@3.01-3?distro=trixie
purl	pkg:deb/debian/xpdf@3.01-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-3%3Fdistro=trixie

url	pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie
purl	pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie

url	pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie
purl	pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie

url	pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie
purl	pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie

url	pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie
purl	pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie

url	pkg:ebuild/app-text/gpdf@2.10.0-r2
purl	pkg:ebuild/app-text/gpdf@2.10.0-r2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/app-text/gpdf@2.10.0-r2

url	pkg:ebuild/app-text/gpdf@3.01-r2
purl	pkg:ebuild/app-text/gpdf@3.01-r2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/app-text/gpdf@3.01-r2

url	pkg:ebuild/app-text/poppler@0.4.2-r1
purl	pkg:ebuild/app-text/poppler@0.4.2-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/app-text/poppler@0.4.2-r1

url	pkg:ebuild/app-text/poppler@2.10.0-r2
purl	pkg:ebuild/app-text/poppler@2.10.0-r2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/app-text/poppler@2.10.0-r2

url	pkg:ebuild/app-text/poppler@3.01-r2
purl	pkg:ebuild/app-text/poppler@3.01-r2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/app-text/poppler@3.01-r2

url	pkg:ebuild/app-text/xpdf@3.01-r2
purl	pkg:ebuild/app-text/xpdf@3.01-r2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/app-text/xpdf@3.01-r2

url	pkg:ebuild/net-print/cups@0.4.2-r1
purl	pkg:ebuild/net-print/cups@0.4.2-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-print/cups@0.4.2-r1

url	pkg:ebuild/net-print/cups@1.1.23-r3
purl	pkg:ebuild/net-print/cups@1.1.23-r3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-print/cups@1.1.23-r3

url	pkg:ebuild/net-print/cups@2.10.0-r2
purl	pkg:ebuild/net-print/cups@2.10.0-r2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-print/cups@2.10.0-r2

url	pkg:ebuild/net-print/cups@3.01-r2
purl	pkg:ebuild/net-print/cups@3.01-r2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-print/cups@3.01-r2

Affected_packages

url pkg:rpm/redhat/cups@1:1.1.17-13.3?arch=34

purl pkg:rpm/redhat/cups@1:1.1.17-13.3?arch=34

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8s9k-3wqb-pkaw

vulnerability	VCID-dedj-eeh3-u3gn

vulnerability	VCID-f8ue-ced9-qqfn

vulnerability	VCID-x23f-11aw-nkf7

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups@1:1.1.17-13.3%3Farch=34

url pkg:rpm/redhat/cups@1:1.1.22-0.rc1.9?arch=9

purl pkg:rpm/redhat/cups@1:1.1.22-0.rc1.9?arch=9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8s9k-3wqb-pkaw

vulnerability	VCID-dedj-eeh3-u3gn

vulnerability	VCID-f8ue-ced9-qqfn

vulnerability	VCID-x23f-11aw-nkf7

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups@1:1.1.22-0.rc1.9%3Farch=9

url pkg:rpm/redhat/gpdf@2.8.2-7?arch=3

purl pkg:rpm/redhat/gpdf@2.8.2-7?arch=3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8s9k-3wqb-pkaw

vulnerability	VCID-dedj-eeh3-u3gn

vulnerability	VCID-f8ue-ced9-qqfn

vulnerability	VCID-x23f-11aw-nkf7

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gpdf@2.8.2-7%3Farch=3

url pkg:rpm/redhat/kdegraphics@7:3.3.1-3?arch=6

purl pkg:rpm/redhat/kdegraphics@7:3.3.1-3?arch=6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ebb-8uv9-k7cy

vulnerability	VCID-8s9k-3wqb-pkaw

vulnerability	VCID-dedj-eeh3-u3gn

vulnerability	VCID-f8ue-ced9-qqfn

vulnerability	VCID-mn31-8fw8-fbby

vulnerability	VCID-nw43-g144-hkff

vulnerability	VCID-ucw2-n999-nyh6

vulnerability	VCID-x23f-11aw-nkf7

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kdegraphics@7:3.3.1-3%3Farch=6

url pkg:rpm/redhat/tetex@1.0.7-67?arch=9

purl pkg:rpm/redhat/tetex@1.0.7-67?arch=9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ebb-8uv9-k7cy

vulnerability	VCID-8s9k-3wqb-pkaw

vulnerability	VCID-dedj-eeh3-u3gn

vulnerability	VCID-f8ue-ced9-qqfn

vulnerability	VCID-mn31-8fw8-fbby

vulnerability	VCID-nw43-g144-hkff

vulnerability	VCID-ucw2-n999-nyh6

vulnerability	VCID-x23f-11aw-nkf7

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tetex@1.0.7-67%3Farch=9

url pkg:rpm/redhat/tetex@2.0.2-22.EL4?arch=7

purl pkg:rpm/redhat/tetex@2.0.2-22.EL4?arch=7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ebb-8uv9-k7cy

vulnerability	VCID-8s9k-3wqb-pkaw

vulnerability	VCID-dedj-eeh3-u3gn

vulnerability	VCID-f8ue-ced9-qqfn

vulnerability	VCID-mn31-8fw8-fbby

vulnerability	VCID-nw43-g144-hkff

vulnerability	VCID-ucw2-n999-nyh6

vulnerability	VCID-x23f-11aw-nkf7

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tetex@2.0.2-22.EL4%3Farch=7

url pkg:rpm/redhat/xpdf@1:2.02-9?arch=8

purl pkg:rpm/redhat/xpdf@1:2.02-9?arch=8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ebb-8uv9-k7cy

vulnerability	VCID-8s9k-3wqb-pkaw

vulnerability	VCID-dedj-eeh3-u3gn

vulnerability	VCID-f8ue-ced9-qqfn

vulnerability	VCID-mn31-8fw8-fbby

vulnerability	VCID-nw43-g144-hkff

vulnerability	VCID-ucw2-n999-nyh6

vulnerability	VCID-x23f-11aw-nkf7

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/xpdf@1:2.02-9%3Farch=8

url pkg:rpm/redhat/xpdf@1:3.00-11?arch=10

purl pkg:rpm/redhat/xpdf@1:3.00-11?arch=10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3ebb-8uv9-k7cy

vulnerability	VCID-8s9k-3wqb-pkaw

vulnerability	VCID-dedj-eeh3-u3gn

vulnerability	VCID-f8ue-ced9-qqfn

vulnerability	VCID-mn31-8fw8-fbby

vulnerability	VCID-nw43-g144-hkff

vulnerability	VCID-ucw2-n999-nyh6

vulnerability	VCID-x23f-11aw-nkf7

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/xpdf@1:3.00-11%3Farch=10

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3191.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3191.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-3191

reference_id

reference_type

scores

value	0.03031
scoring_system	epss
scoring_elements	0.86907
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-3191

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1617796
reference_id	1617796
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1617796

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281
reference_id	342281
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288
reference_id	342288
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288

reference_url	https://security.gentoo.org/glsa/200512-08
reference_id	GLSA-200512-08
reference_type
scores
url	https://security.gentoo.org/glsa/200512-08

reference_url	https://access.redhat.com/errata/RHSA-2005:840
reference_id	RHSA-2005:840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:840

reference_url	https://access.redhat.com/errata/RHSA-2005:867
reference_id	RHSA-2005:867
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:867

reference_url	https://access.redhat.com/errata/RHSA-2005:868
reference_id	RHSA-2005:868
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:868

reference_url	https://access.redhat.com/errata/RHSA-2005:878
reference_id	RHSA-2005:878
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:878

reference_url	https://access.redhat.com/errata/RHSA-2006:0160
reference_id	RHSA-2006:0160
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2006:0160

Weaknesses

Exploits

Severity_range_score null

Exploitability 0.5

Weighted_severity 0.0

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f8ue-ced9-qqfn

Vulnerability Instance