Vulnerabilities > Qpdf Project > Qpdf > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-29 CVE-2024-24246 Out-of-bounds Write vulnerability in multiple products
Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::__shared_count() function at /bits/shared_ptr_base.h.
local
low complexity
qpdf-project fedoraproject CWE-787
5.5
5.5
2023-08-11 CVE-2021-25786 Use After Free vulnerability in Qpdf Project Qpdf 10.0.4
An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.
local
low complexity
qpdf-project CWE-416
5.3
5.3
2022-07-22 CVE-2022-34503 Out-of-bounds Write vulnerability in Qpdf Project Qpdf 8.4.2
QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream.
network
low complexity
qpdf-project CWE-787
6.5
6.5
2021-07-20 CVE-2021-36978 Out-of-bounds Write vulnerability in Qpdf Project Qpdf
QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES_PDF::finish) when a certain downstream write fails.
local
low complexity
qpdf-project CWE-787
5.5
5.5
2018-02-13 CVE-2017-18186 Infinite Loop vulnerability in Qpdf Project Qpdf
An issue was discovered in QPDF before 7.0.0.
local
low complexity
qpdf-project CWE-835
5.5
5.5
2018-02-13 CVE-2017-18185 Out-of-bounds Read vulnerability in Qpdf Project Qpdf
An issue was discovered in QPDF before 7.0.0.
local
low complexity
qpdf-project CWE-125
5.5
5.5
2018-02-13 CVE-2017-18184 Out-of-bounds Read vulnerability in Qpdf Project Qpdf
An issue was discovered in QPDF before 7.0.0.
local
low complexity
qpdf-project CWE-125
5.5
5.5
2018-02-13 CVE-2017-18183 Infinite Loop vulnerability in Qpdf Project Qpdf
An issue was discovered in QPDF before 7.0.0.
local
low complexity
qpdf-project CWE-835
5.5
5.5
2018-02-13 CVE-2015-9252 Resource Management Errors vulnerability in Qpdf Project Qpdf
An issue was discovered in QPDF before 7.0.0.
local
low complexity
qpdf-project CWE-399
5.5
5.5
2017-07-25 CVE-2017-11627 Infinite Loop vulnerability in Qpdf Project Qpdf 6.0.0
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the PointerHolder function in PointerHolder.hh, aka an "infinite loop."
local
low complexity
qpdf-project CWE-835
5.5
5.5