Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 163 results


CVE-2024-7868

Medium priority
Needs evaluation

In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.

2 affected packages

ipe, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipe Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xpdf Needs evaluation Needs evaluation Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-7867

Medium priority
Needs evaluation

In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero.

2 affected packages

ipe, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipe Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xpdf Needs evaluation Needs evaluation Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-7866

Medium priority
Needs evaluation

In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow.

2 affected packages

ipe, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipe Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xpdf Needs evaluation Needs evaluation Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-4976

Medium priority
Needs evaluation

Out-of-bounds array write in Xpdf 4.05 and earlier, due to missing object type check in AcroForm field reference.

2 affected packages

ipe, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipe Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xpdf Needs evaluation Needs evaluation Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-4568

Medium priority
Needs evaluation

In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion and a stack overflow.

2 affected packages

ipe, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipe Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xpdf Needs evaluation Needs evaluation Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-4141

Medium priority
Needs evaluation

Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.

2 affected packages

ipe, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipe Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xpdf Needs evaluation Needs evaluation Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-3900

Medium priority
Needs evaluation

Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText.

3 affected packages

ipe, poppler, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipe Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
poppler Not affected Not affected Not affected Not affected Not affected
xpdf Not affected Not affected Not in release Not affected Not affected
Show less packages

CVE-2024-3248

Medium priority
Needs evaluation

In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and a stack overflow.

2 affected packages

ipe, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipe Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xpdf Needs evaluation Needs evaluation Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-3247

Medium priority
Needs evaluation

In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and a stack overflow.

2 affected packages

ipe, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipe Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xpdf Needs evaluation Needs evaluation Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2024-2971

Medium priority
Needs evaluation

Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in indirect reference in the input PDF file.

2 affected packages

ipe, xpdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipe Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xpdf Needs evaluation Needs evaluation Not in release Needs evaluation Needs evaluation
Show less packages