Foxitsoftware Phantompdf vulnerabilities
549 known vulnerabilities affecting foxitsoftware/phantompdf.
Total CVEs
549
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
CRITICAL26HIGH438MEDIUM68LOW17
Vulnerabilities
Page 26 of 28
CVE-2018-9984MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-9984 [MEDIUM] CWE-125 CVE-2018-9984: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of Texture Image Channels objects in U3D fi
nvd
CVE-2018-10493MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-10493 [MEDIUM] CWE-125 CVE-2018-10493: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the U3D Final Maximum Resolution attrib
nvd
CVE-2018-9946MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-9946 [MEDIUM] CWE-416 CVE-2018-9946: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the setTimeOut method. The issue result
nvd
CVE-2018-9973MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-9973 [MEDIUM] CWE-125 CVE-2018-9973: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ePub files. The issue results from the la
nvd
CVE-2018-10478MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-10478 [MEDIUM] CWE-125 CVE-2018-10478: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Texture Coord Dimensions objects.
nvd
CVE-2018-1174MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-1174 [MEDIUM] CWE-665 CVE-2018-1174: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the bitmapDPI attribute of PrintParams
nvd
CVE-2018-9950MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-9950 [MEDIUM] CWE-125 CVE-2018-9950: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF documents. The issue results from th
nvd
CVE-2018-9948MEDIUMCVSS 6.5PoC≤ 9.0.1.10492018-05-17
CVE-2018-9948 [MEDIUM] CWE-824 CVE-2018-9948: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of typed arrays. The issue results from th
nvd
CVE-2018-1175MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-1175 [MEDIUM] CWE-665 CVE-2018-1175: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the interactive attribute of PrintParam
nvd
CVE-2018-10476MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-10476 [MEDIUM] CWE-125 CVE-2018-10476: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Model Node structures. The issue r
nvd
CVE-2018-9963MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-9963 [MEDIUM] CWE-125 CVE-2018-9963: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images. The issue results from t
nvd
CVE-2018-10481MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-10481 [MEDIUM] CWE-125 CVE-2018-10481: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D Texture Resource structures. The
nvd
CVE-2018-10479MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-10479 [MEDIUM] CWE-125 CVE-2018-10479: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Key Frame structures. The issue re
nvd
CVE-2018-9979MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-9979 [MEDIUM] CWE-125 CVE-2018-9979: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of Texture Continuation objects in U3D file
nvd
CVE-2018-1179MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-1179 [MEDIUM] CWE-125 CVE-2018-1179: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DataSubBlock structures in GIF images. T
nvd
CVE-2018-10475MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-10475 [MEDIUM] CWE-125 CVE-2018-10475: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Light Node structures. The issue r
nvd
CVE-2018-10485MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-10485 [MEDIUM] CWE-125 CVE-2018-10485: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within U3D Texture Height structures. The issue results from
nvd
CVE-2018-10486MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-10486 [MEDIUM] CWE-125 CVE-2018-10486: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the U3D Image Index. The issue results
nvd
CVE-2018-10487MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-10487 [MEDIUM] CWE-125 CVE-2018-10487: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files embedded inside PDF document
nvd
CVE-2018-9980MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-9980 [MEDIUM] CWE-125 CVE-2018-9980: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the la
nvd