Vulnerabilities > Glyphandcog > Xpdfreader > 4.02
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-30 | CVE-2022-24106 | Integer Overflow or Wraparound vulnerability in Glyphandcog Xpdfreader In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. | 7.8 |
| 2022-08-30 | CVE-2022-24107 | Integer Overflow or Wraparound vulnerability in Glyphandcog Xpdfreader Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc. | 7.8 |
| 2019-10-01 | CVE-2019-17064 | NULL Pointer Dereference vulnerability in Glyphandcog Xpdfreader 4.02 Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor. | 5.5 |