Qpdf

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-29	CVE-2024-24246	Out-of-bounds Write vulnerability in multiple products Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::__shared_count() function at /bits/shared_ptr_base.h. local low complexity qpdf-project fedoraproject CWE-787	5.5
2023-08-11	CVE-2021-25786	Use After Free vulnerability in Qpdf Project Qpdf 10.0.4 An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf. local low complexity qpdf-project CWE-416	5.3
2022-07-22	CVE-2022-34503	Out-of-bounds Write vulnerability in Qpdf Project Qpdf 8.4.2 QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. network low complexity qpdf-project CWE-787	6.5
2021-07-20	CVE-2021-36978	Out-of-bounds Write vulnerability in Qpdf Project Qpdf QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES_PDF::finish) when a certain downstream write fails. local low complexity qpdf-project CWE-787	5.5
2018-10-06	CVE-2018-18020	Uncontrolled Recursion vulnerability in Qpdf Project Qpdf 8.2.1 In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild have recursive calls for a long time, which allows remote attackers to cause a denial of service via a crafted PDF file. local low complexity qpdf-project CWE-674	3.3
2018-04-10	CVE-2018-9918	Uncontrolled Recursion vulnerability in multiple products libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a denial of service (stack exhaustion), related to the QPDFObjectHandle and QPDF_Dictionary classes, because nesting in direct objects is not restricted. network qpdf-project canonical CWE-674	6.8
2018-02-13	CVE-2017-18186	Infinite Loop vulnerability in Qpdf Project Qpdf An issue was discovered in QPDF before 7.0.0. network qpdf-project CWE-835	4.3
2018-02-13	CVE-2017-18185	Out-of-bounds Read vulnerability in Qpdf Project Qpdf An issue was discovered in QPDF before 7.0.0. network qpdf-project CWE-125	4.3
2018-02-13	CVE-2017-18184	Out-of-bounds Read vulnerability in Qpdf Project Qpdf An issue was discovered in QPDF before 7.0.0. network qpdf-project CWE-125	4.3
2018-02-13	CVE-2017-18183	Infinite Loop vulnerability in Qpdf Project Qpdf An issue was discovered in QPDF before 7.0.0. network qpdf-project CWE-835	4.3