| Bug | stretch | buster | bullseye | sid | Description |
|---|
| CVE-2018-8107 | vulnerable | vulnerable | vulnerable | vulnerable | The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows atta ... |
| CVE-2018-8106 | vulnerable | vulnerable | vulnerable | vulnerable | The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 ... |
| CVE-2018-8105 | vulnerable | vulnerable | vulnerable | vulnerable | The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allow ... |
| CVE-2018-8104 | vulnerable | vulnerable | vulnerable | vulnerable | The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows atta ... |
| CVE-2018-8103 | vulnerable | vulnerable | vulnerable | vulnerable | The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf ... |
| CVE-2018-8102 | vulnerable | vulnerable | vulnerable | vulnerable | The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4 ... |
| CVE-2018-8101 | vulnerable | vulnerable | vulnerable | vulnerable | The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf ... |
| CVE-2018-8100 | vulnerable | vulnerable | vulnerable | vulnerable | The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allo ... |
| CVE-2018-7455 | vulnerable | vulnerable | vulnerable | vulnerable | An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xp ... |
| CVE-2018-7454 | vulnerable | vulnerable | vulnerable | vulnerable | A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpd ... |
| CVE-2018-7453 | vulnerable | vulnerable | vulnerable | vulnerable | Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 ... |
| CVE-2018-7452 | vulnerable | vulnerable | vulnerable | vulnerable | A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc i ... |
| CVE-2018-7175 | vulnerable | vulnerable | vulnerable | vulnerable | An issue was discovered in xpdf 4.00. A NULL pointer dereference in re ... |
| CVE-2018-7174 | vulnerable | vulnerable | vulnerable | vulnerable | An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref a ... |
| CVE-2018-7173 | vulnerable | vulnerable | vulnerable | vulnerable | A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an ... |
| CVE-2018-18459 | vulnerable | vulnerable | vulnerable | vulnerable | The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remo ... |
| CVE-2018-18458 | vulnerable | vulnerable | vulnerable | vulnerable | The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows r ... |
| CVE-2018-18457 | vulnerable | vulnerable | vulnerable | vulnerable | The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remo ... |
| CVE-2018-18456 | vulnerable | vulnerable | vulnerable | vulnerable | The function Object::isName() in Object.h (called from Gfx::opSetFillC ... |
| CVE-2018-18455 | vulnerable | vulnerable | vulnerable | vulnerable | The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote a ... |
| CVE-2018-18454 | vulnerable | vulnerable | vulnerable | vulnerable | CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote atta ... |
| CVE-2018-16369 | vulnerable | vulnerable | vulnerable | vulnerable | XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a ... |
| CVE-2018-16368 | vulnerable | vulnerable | vulnerable | vulnerable | SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows ... |
| CVE-2018-11033 | vulnerable | vulnerable | vulnerable | vulnerable | The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in ... |
| CVE-2013-4472 | vulnerable | vulnerable | vulnerable | vulnerable | The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 a ... |
| CVE-2010-0207 | vulnerable | vulnerable | vulnerable | vulnerable | In xpdf, the xref table contains an infinite loop which allows remote ... |
| CVE-2010-0206 | vulnerable | vulnerable | vulnerable | vulnerable | xpdf allows remote attackers to cause a denial of service (NULL pointe ... |
| Bug | Description |
|---|
| CVE-2020-35376 | Xpdf 4.02 allows stack consumption because of an incorrect subroutine ... |
| CVE-2020-25725 | In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOut ... |
| CVE-2020-24999 | There is an invalid memory access in the function fprintf located in E ... |
| CVE-2020-24996 | There is an invalid memory access in the function TextString::~TextStr ... |
| CVE-2019-9878 | There is an invalid memory access in the function GfxIndexedColorSpace ... |
| CVE-2019-9877 | There is an invalid memory access vulnerability in the function TextPa ... |
| CVE-2019-9589 | There is a NULL pointer dereference vulnerability in PSOutputDev::setu ... |
| CVE-2019-9588 | There is an Invalid memory access in gAtomicIncrement() located at GMu ... |
| CVE-2019-9587 | There is a stack consumption issue in md5Round1() located in Decrypt.c ... |
| CVE-2019-17064 | Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog ... |
| CVE-2019-16927 | Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the ... |
| CVE-2019-16115 | In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in ... |
| CVE-2019-16088 | Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive ... |
| CVE-2019-15860 | Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2. ... |
| CVE-2019-14294 | An issue was discovered in Xpdf 4.01.01. There is a use-after-free in ... |
| CVE-2019-14293 | An issue was discovered in Xpdf 4.01.01. There is an out of bounds rea ... |
| CVE-2019-14292 | An issue was discovered in Xpdf 4.01.01. There is an out of bounds rea ... |
| CVE-2019-14291 | An issue was discovered in Xpdf 4.01.01. There is an out of bounds rea ... |
| CVE-2019-14290 | An issue was discovered in Xpdf 4.01.01. There is an out of bounds rea ... |
| CVE-2019-14289 | An issue was discovered in Xpdf 4.01.01. There is an integer overflow ... |
| CVE-2019-14288 | An issue was discovered in Xpdf 4.01.01. There is an Integer overflow ... |
| CVE-2019-13291 | In Xpdf 4.01.01, there is a heap-based buffer over-read in the functio ... |
| CVE-2019-13289 | In Xpdf 4.01.01, there is a use-after-free vulnerability in the functi ... |
| CVE-2019-13288 | In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause ... |
| CVE-2019-13287 | In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the f ... |
| CVE-2019-13286 | In Xpdf 4.01.01, there is a heap-based buffer over-read in the functio ... |
| CVE-2019-13283 | In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in s ... |
| CVE-2019-13282 | In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in S ... |
| CVE-2019-13281 | In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DC ... |
| CVE-2019-12958 | In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in F ... |
| CVE-2019-12957 | In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C:: ... |
| CVE-2019-12515 | There is an out-of-bounds read vulnerability in the function FlateStre ... |
| CVE-2019-12493 | A stack-based buffer over-read exists in PostScriptFunction::transform ... |
| CVE-2019-12360 | A stack-based buffer over-read exists in FoFiTrueType::dumpString in f ... |
| CVE-2019-10026 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ... |
| CVE-2019-10025 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ... |
| CVE-2019-10024 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ... |
| CVE-2019-10023 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ... |
| CVE-2019-10022 | An issue was discovered in Xpdf 4.01.01. There is a NULL pointer deref ... |
| CVE-2019-10021 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ... |
| CVE-2019-10020 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ... |
| CVE-2019-10019 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ... |
| CVE-2018-18651 | An issue was discovered in Xpdf 4.00. catalog->getNumPages() in Acr ... |
| CVE-2018-18650 | An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc ... |
| CVE-2012-2142 | The error function in Error.cc in poppler before 0.21.4 allows remote ... |
| CVE-2011-2902 | zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-1 ... |
| CVE-2011-1554 | Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3. ... |
| CVE-2011-1553 | Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xp ... |
| CVE-2011-1552 | t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and ot ... |
| CVE-2011-0764 | t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and ot ... |
| CVE-2010-4654 | poppler before 0.16.3 has malformed commands that may cause corruption ... |
| CVE-2010-4653 | An integer overflow condition in poppler before 0.16.3 can occur when ... |
| CVE-2010-3704 | The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser i ... |
| CVE-2010-3703 | The PostScriptFunction::PostScriptFunction function in poppler/Functio ... |
| CVE-2010-3702 | The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, pop ... |
| CVE-2009-4035 | The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf ... |
| CVE-2009-3609 | Integer overflow in the ImageStream::ImageStream function in Stream.cc ... |
| CVE-2009-3608 | Integer overflow in the ObjectStream::ObjectStream function in XRef.cc ... |
| CVE-2009-3606 | Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf bef ... |
| CVE-2009-3604 | The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before ... |
| CVE-2009-3603 | Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3. ... |
| CVE-2009-1188 | Integer overflow in the JBIG2 decoding feature in the SplashBitmap::Sp ... |
| CVE-2009-1183 | The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earl ... |
| CVE-2009-1182 | Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and ... |
| CVE-2009-1181 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ... |
| CVE-2009-1180 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ... |
| CVE-2009-1179 | Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUP ... |
| CVE-2009-1144 | Untrusted search path vulnerability in the Gentoo package of Xpdf befo ... |
| CVE-2009-0800 | Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 ... |
| CVE-2009-0799 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ... |
| CVE-2009-0195 | Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, an ... |
| CVE-2009-0166 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ... |
| CVE-2009-0165 | Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as ... |
| CVE-2009-0147 | Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and ea ... |
| CVE-2009-0146 | Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and ear ... |
| CVE-2008-2950 | The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earl ... |
| CVE-2008-1693 | The CairoFont::create function in CairoFontEngine.cc in Poppler, possi ... |
| CVE-2007-5393 | Heap-based buffer overflow in the CCITTFaxStream::lookChar method in x ... |
| CVE-2007-5392 | Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in X ... |
| CVE-2007-4352 | Array index error in the DCTStream::readProgressiveDataUnit method in ... |
| CVE-2007-3387 | Integer overflow in the StreamPredictor::StreamPredictor function in x ... |
| CVE-2007-0104 | The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patc ... |
| CVE-2006-1244 | Unspecified vulnerability in certain versions of xpdf after 3.00, as u ... |
| CVE-2006-0301 | Heap-based buffer overflow in Splash.cc in xpdf, as used in other prod ... |
| CVE-2005-3628 | Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Strea ... |
| CVE-2005-3627 | Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, ... |
| CVE-2005-3626 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTe ... |
| CVE-2005-3625 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTe ... |
| CVE-2005-3624 | The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpd ... |
| CVE-2005-3193 | Heap-based buffer overflow in the JPXStream::readCodestream function i ... |
| CVE-2005-3192 | Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.0 ... |
| CVE-2005-3191 | Multiple heap-based buffer overflows in the (1) DCTStream::readProgres ... |
| CVE-2005-2097 | xpdf and kpdf do not properly validate the "loca" table in PDF files, ... |
| CVE-2005-0206 | The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CV ... |
| CVE-2005-0064 | Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc fo ... |
| CVE-2004-1125 | Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, ... |
| CVE-2004-0889 | Multiple integer overflows in xpdf 3.0, and other packages that use xp ... |
| CVE-2004-0888 | Multiple integer overflows in xpdf 2.0 and 3.0, and other packages tha ... |
| CVE-2003-0434 | Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 ... |
| CVE-2002-1384 | Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, ... |