
Debian Xpdf vulnerabilities

171 known vulnerabilities affecting debian/xpdf.

Total CVEs: 171
CISA KEV: 0
Public exploits: 2
Exploited in wild: 0
Severity breakdown: CRITICAL 7, HIGH 11, MEDIUM 22, LOW 131

Vulnerabilities

Page 3 of 9
CVE-2022-38230 | LOW | CVSS 5.5 | 2022
[MEDIUM] xpdf - XPDF commit ffaf11c was discovered to contain a floating point exception (FPE) via DCTStream::decodeImage() at /xpdf/Stream.cc. Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2022-38227 | LOW | CVSS 7.8 | 2022
[HIGH] xpdf - XPDF commit ffaf11c was discovered to contain a stack overflow via __asan_memcpy at asan_interceptors_memintrinsics.cpp. Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2022-38928 | LOW | CVSS 7.8 | 2022
[HIGH] xpdf - XPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2393. Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2021-36493 | LOW | CVSS 7.5 | 2021
[HIGH] xpdf - Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows attackers to crash the application via crafted command. Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2020-35376 | LOW | CVSS 7.5 | 2020
[HIGH] xpdf - Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp() function. Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2020-25725 | LOW | CVSS 5.0 | 2020
[MEDIUM] xpdf - In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed `t3GlyphStack->cache`, which causes an `heap-use-after-free` problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to another char in the same Type 3 font. Scope: local; bookworm: re
debian
CVE-2020-24996 | LOW | CVSS 7.8 | 2020
[HIGH] xpdf - There is an invalid memory access in the function TextString::~TextString() located in Catalog.cc in Xpdf 4.0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. Scope: local; bookworm: resolved; bullseye: res
debian
CVE-2020-24999 | LOW | CVSS 7.8 | 2020
[HIGH] xpdf - There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a crafted PDF file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolve
debian
CVE-2019-12360 | HIGH | CVSS 7.1 | fixed in poppler 0.38.0-2 (bookworm) | 2019
[HIGH] poppler - A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump content. Scope: local; bookworm: resolved (fixed in 0.38.0-2); bullseye:
debian
CVE-2019-12493 | HIGH | CVSS 7.1 | fixed in poppler 0.44.0-2 (bookworm) | 2019
[HIGH] poppler - A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data. Scope: lo
debian
CVE-2019-12957 | HIGH | CVSS 7.8 | fixed in poppler 0.22.5-4 (bookworm) | 2019
[HIGH] poppler - In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibl
debian
CVE-2019-17064 | LOW | CVSS 5.5 | 2019
[MEDIUM] xpdf - Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor. Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2019-13289 | LOW | CVSS 7.8 | 2019
[HIGH] xpdf - In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2019-13287 | LOW | CVSS 5.5 | 2019
[MEDIUM] xpdf - In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath::strokeAdjust() located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. This is related to CVE-2018-16368. Scope: local; bookworm: resolved; bullseye: re
debian
CVE-2019-10023 | LOW | CVSS 5.5 | 2019
[MEDIUM] xpdf - An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case. Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2019-9877 | LOW | CVSS 7.8 | 2019
[HIGH] xpdf - There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01, which can (for example) be triggered by sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. Scope: local; bookworm: resolved; bullseye: re
debian
CVE-2019-10020 | LOW | CVSS 5.5 | 2019
[MEDIUM] xpdf - An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters. Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2019-9588 | LOW | CVSS 7.8 | 2019
[HIGH] xpdf - There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; tr
debian
CVE-2019-10026 | LOW | CVSS 5.5 | 2019
[MEDIUM] xpdf - An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case. Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2019-13291 | LOW | CVSS 5.5 | 2019
[MEDIUM] xpdf - In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Information Disclosure. Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian