Xpdfreader Xpdf vulnerabilities
82 known vulnerabilities affecting xpdfreader/xpdf.
Total CVEs: 82
CISA KEV: 1 (actively exploited)
Public exploits: 0
Exploited in wild: 1
Severity breakdown: HIGH 16, MEDIUM 60, LOW 6
Vulnerabilities
Page 1 of 5
CVE-2024-7867 | LOW | CVSS 2.1 | ≤ 4.05 | 2024-08-15
CVE-2024-7867 [LOW] CWE-190
In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero.
nvd
CVE-2024-7866 | LOW | CVSS 2.1 | ≤ 4.05 | 2024-08-15
CVE-2024-7866 [LOW] CWE-674
In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow.
nvd
CVE-2024-7868 | LOW | CVSS 2.1 | fixed in 4.06 | 2024-08-15
CVE-2024-7868 [LOW] CWE-457
In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.
nvd
CVE-2024-4976 | LOW | CVSS 2.1 | ≤ 4.05 | 2024-05-15
CVE-2024-4976 [LOW] CWE-787
Out-of-bounds array write in Xpdf 4.05 and earlier, due to missing object type check in AcroForm field reference.
nvd
CVE-2024-4568 | MEDIUM | CVSS 5.5 | ≤ 4.05 | 2024-05-06
CVE-2024-4568 [LOW] CWE-674
In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow.
nvd
CVE-2024-4141 | MEDIUM | CVSS 5.5 | ≤ 4.05 | 2024-04-24
CVE-2024-4141 [LOW] CWE-787
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.
nvd
CVE-2024-3900 | MEDIUM | CVSS 5.5 | ≤ 4.05 | 2024-04-17
CVE-2024-3900 [LOW] CWE-787
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText.
nvd
CVE-2024-3247 | MEDIUM | CVSS 5.5 | ≤ 4.05 | 2024-04-02
CVE-2024-3247 [LOW] CWE-674
In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and a stack overflow.
nvd
CVE-2024-3248 | MEDIUM | CVSS 5.5 | ≤ 4.05 | 2024-04-02
CVE-2024-3248 [LOW] CWE-674
In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and a stack overflow.
nvd
CVE-2024-2971 | MEDIUM | CVSS 5.5 | ≤ 4.05 | 2024-03-26
CVE-2024-2971 [LOW] CWE-787
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in indirect reference in the input PDF file.
nvd
CVE-2022-48545 | MEDIUM | CVSS 5.5 | v4.02 | 2023-08-22
CVE-2022-48545 [MEDIUM] CWE-674
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02.
nvd
CVE-2023-3436 | LOW | CVSS 3.3 | v4.04 | 2023-06-27
CVE-2023-3436 [LOW] CWE-833
Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream.
nvd
CVE-2023-3044 | LOW | CVSS 3.3 | fixed in 4.05 | 2023-06-02
CVE-2023-3044 [LOW]
An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code.
This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.
nvd
CVE-2023-2662 | MEDIUM | CVSS 5.5 | ≤ 4.04 | 2023-05-11
CVE-2023-2662 [LOW] CWE-369
In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero.
nvd
CVE-2023-2663 | MEDIUM | CVSS 5.5 | ≤ 4.04 | 2023-05-11
CVE-2023-2663 [LOW] CWE-674
In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.
nvd
CVE-2023-2664 | MEDIUM | CVSS 5.5 | ≤ 4.04 | 2023-05-11
CVE-2023-2664 [LOW] CWE-674
In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.
nvd
CVE-2023-26930 | MEDIUM | CVSS 5.5 | v4.04 | 2023-04-26
CVE-2023-26930 [MEDIUM] CWE-120
Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”
nvd
CVE-2022-45587 | MEDIUM | CVSS 5.5 | v4.04 | 2023-02-15
CVE-2022-45587 [MEDIUM] CWE-787
Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service.
nvd
CVE-2022-45586 | MEDIUM | CVSS 5.5 | v4.04 | 2023-02-15
CVE-2022-45586 [MEDIUM] CWE-787
Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service.
nvd
CVE-2021-36493 | HIGH | CVSS 7.5 | v4.03 | 2023-02-03
CVE-2021-36493 [HIGH] CWE-787
Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows attackers to crash the application via crafted command.
nvd