Vulnerabilities (CVE)

Filtered by vendor Glyphandcog Subscribe
Filtered by product Xpdf
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-16927 1 Glyphandcog 1 Xpdf 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877.
CVE-2011-2902 2 Debian, Glyphandcog 2 Debian Linux, Xpdf 2024-11-21 6.4 MEDIUM 5.3 MEDIUM
zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote attackers to delete arbitrary files via a crafted .pdf.gz file name.