UbuntuUpdates.org

Bugs fixes in "qpdf"

Origin Bug number Title Date fixed
CVE CVE-2021-36978 QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES 2021-07-29
CVE CVE-2018-18020 In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild have recursive calls for a long time, which allows re 2021-07-29
CVE CVE-2021-36978 QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES 2021-07-29
CVE CVE-2021-36978 QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES 2021-07-29
CVE CVE-2021-36978 QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES 2021-07-29
CVE CVE-2018-18020 In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild have recursive calls for a long time, which allows re 2021-07-29
CVE CVE-2021-36978 QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES 2021-07-29
CVE CVE-2021-36978 QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES 2021-07-29
CVE CVE-2018-9918 libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a de 2018-05-07
CVE CVE-2017-18186 An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc. 2018-05-07
CVE CVE-2017-18185 An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the Pl_Buffer::write function in Pl_Buffer.cc. It is 2018-05-07
CVE CVE-2017-18184 An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc. 2018-05-07
CVE CVE-2017-18183 An issue was discovered in QPDF before 7.0.0. There is an infinite loop in the QPDFWriter::enqueueObject() function in libqpdf/QPDFWriter.cc. 2018-05-07
CVE CVE-2017-12595 The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dictionaries, which allows remote attackers to cause a denial of service (stack co 2018-05-07
CVE CVE-2017-11627 A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related 2018-05-07
CVE CVE-2017-11626 A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related 2018-05-07
CVE CVE-2017-11625 A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related 2018-05-07
CVE CVE-2017-11624 A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related 2018-05-07
CVE CVE-2017-9210 libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, r 2018-05-07
CVE CVE-2017-9209 libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, r 2018-05-07



About   -   Send Feedback to @ubuntu_updates