Vulnerabilities > Glyphandcog > Xpdfreader > 3.04

DATE CVE VULNERABILITY TITLE RISK
2022-08-30 CVE-2022-24106 Integer Overflow or Wraparound vulnerability in Glyphandcog Xpdfreader
In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.
local
low complexity
glyphandcog CWE-190
7.8
7.8
2022-08-30 CVE-2022-24107 Integer Overflow or Wraparound vulnerability in Glyphandcog Xpdfreader
Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.
local
low complexity
glyphandcog CWE-190
7.8
7.8
2019-09-06 CVE-2019-16088 Uncontrolled Recursion vulnerability in Glyphandcog Xpdfreader 3.04
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc.
local
low complexity
glyphandcog CWE-674
5.5
5.5