Bugs fixes in "qpdf"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2021-36978 | QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES | 2021-07-29 |
| CVE | CVE-2018-18020 | In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild have recursive calls for a long time, which allows re | 2021-07-29 |
| CVE | CVE-2021-36978 | QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES | 2021-07-29 |
| CVE | CVE-2021-36978 | QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES | 2021-07-29 |
| CVE | CVE-2021-36978 | QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES | 2021-07-29 |
| CVE | CVE-2018-18020 | In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild have recursive calls for a long time, which allows re | 2021-07-29 |
| CVE | CVE-2021-36978 | QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES | 2021-07-29 |
| CVE | CVE-2021-36978 | QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES | 2021-07-29 |
| CVE | CVE-2018-9918 | libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a de | 2018-05-07 |
| CVE | CVE-2017-18186 | An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc. | 2018-05-07 |
| CVE | CVE-2017-18185 | An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the Pl_Buffer::write function in Pl_Buffer.cc. It is | 2018-05-07 |
| CVE | CVE-2017-18184 | An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc. | 2018-05-07 |
| CVE | CVE-2017-18183 | An issue was discovered in QPDF before 7.0.0. There is an infinite loop in the QPDFWriter::enqueueObject() function in libqpdf/QPDFWriter.cc. | 2018-05-07 |
| CVE | CVE-2017-12595 | The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dictionaries, which allows remote attackers to cause a denial of service (stack co | 2018-05-07 |
| CVE | CVE-2017-11627 | A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related | 2018-05-07 |
| CVE | CVE-2017-11626 | A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related | 2018-05-07 |
| CVE | CVE-2017-11625 | A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related | 2018-05-07 |
| CVE | CVE-2017-11624 | A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related | 2018-05-07 |
| CVE | CVE-2017-9210 | libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, r | 2018-05-07 |
| CVE | CVE-2017-9209 | libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, r | 2018-05-07 |
About
-
Send Feedback to @ubuntu_updates
