CVE-2019-10021

CWE-3699 documents7 sources

Severity

5.5MEDIUM

EPSS

0.2%

top 62.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Xpdfreader Xpdf

Timeline

PublishedMar 25

Latest updateMay 14

Description

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDxpdfreader/xpdf4.01.01

▶Ubuntupoppler< 0.41.0-0ubuntu1.14

🔴Vulnerability Details

GHSA

GHSA-q7r2-fq2f-675v: An issue was discovered in Xpdf 4↗2022-05-14

▶

OSV

CVE-2019-10021: An issue was discovered in Xpdf 4↗2019-03-24

▶

CVEList

CVE-2019-10021: An issue was discovered in Xpdf 4↗2019-03-24

▶

📋Vendor Advisories

Ubuntu

poppler vulnerabilities↗2019-06-27

▶

Debian

CVE-2019-10021: xpdf - An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageSt...↗2019

▶

💬Community

Bugzilla

CVE-2019-10018 CVE-2019-10020 CVE-2019-10021 CVE-2019-10022 CVE-2019-10023 CVE-2019-10024 CVE-2019-10025 xpdf: various flaws [fedora-all]↗2019-03-28

▶

Bugzilla

CVE-2019-10018 CVE-2019-10020 CVE-2019-10021 CVE-2019-10022 CVE-2019-10023 CVE-2019-10024 CVE-2019-10025 xpdf: various flaws [epel-all]↗2019-03-28

▶

Bugzilla

CVE-2019-10021 xpdf: floating point exception in function ImageStream::ImageStream in Stream.cc↗2019-03-28

▶