Lucene search
MitreCVE-2021-25786HistoryAug 11, 2023 - 2:15 p.m.
CVE-2021-25786
2023-08-1114:15:11
CWE-416
mitre
web.nvd.nist.gov
28
cve-2021-25786
qpdf
remote code execution
pdf
security issue
nvd
CVSS3
5.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
34.1%
An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.
Affected configurations
Node
qpdf_projectqpdfMatch10.0.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| qpdf_project | qpdf | 10.0.4 | cpe:2.3:a:qpdf_project:qpdf:10.0.4:*:*:*:*:*:*:* |
Related
redhatcve
redhatcve
CVE-2021-25786
2023-08-22 17:49:08
cvelist
cvelist
CVE-2021-25786
2023-08-11 00:00:00
nessus
nessus
RHEL 9 : qpdf (Unpatched Vulnerability)
2024-06-03 00:00:00
Amazon Linux 2 : qpdf (ALAS-2024-2409)
2024-01-09 00:00:00
Debian DLA-3548-1 : qpdf - LTS security update
2023-08-30 00:00:00
prion
prion
Code injection
2023-08-11 14:15:00
debiancve
debiancve
CVE-2021-25786
2023-08-11 14:15:11
veracode
veracode
Use After Free
2023-08-17 11:12:22
osv
osv
CVE-2021-25786
2023-08-11 14:15:11
qpdf - security update
2023-08-29 00:00:00
nvd
nvd
CVE-2021-25786
2023-08-11 14:15:11
ubuntucve
ubuntucve
CVE-2021-25786
2023-08-11 00:00:00
amazon
amazon
Important: qpdf
2024-01-03 21:04:00
debian
debian
[SECURITY] [DLA 3548-1] qpdf security update
2023-08-29 21:06:14
openvas
openvas
Debian: Security Advisory (DLA-3548-1)
2023-08-31 00:00:00
CVSS3
5.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
34.1%
Related for CVE-2021-25786