72 results (0.007 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02. • https://forum.xpdfreader.com/viewtopic.php?f=3&t=42092 • CWE-674: Uncontrolled Recursion •

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0

Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream. • https://forum.xpdfreader.com/viewtopic.php?t=42618 • CWE-667: Improper Locking CWE-833: Deadlock •

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 1

An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate. • https://github.com/baker221/poc-xpdf https://www.xpdfreader.com/security-bug/CVE-2023-3044.html • CWE-369: Divide By Zero •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow. • https://forum.xpdfreader.com/viewtopic.php?t=42422 • CWE-674: Uncontrolled Recursion •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow. • https://forum.xpdfreader.com/viewtopic.php?t=42421 • CWE-674: Uncontrolled Recursion •