CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
51.2%
The updated packages fix security vulnerabilities: Logic bug in text extractor led to invalid memory access. (CVE-2022-30524) Integer overflow in rasterizer. (CVE-2022-30775) PDF object loop in Catalog::countPageTree. (CVE-2022-33108) PDF object loop in AcroForm::scanField. (CVE-2022-36561) Logic bug in JBIG2 decoder. (CVE-2022-38222) PDF object loop in Catalog::countPageTree. (CVE-2022-38334) Missing bounds check in CFF font converter caused null pointer dereference. (CVE-2022-38928) PDF object loop in Catalog::countPageTree. (CVE-2022-41842) Missing bounds check in CFF font parser caused invalid memory access. (CVE-2022-41843) PDF object loop in AcroForm::scanField. (CVE-2022-41844) PDF object loop in Catalog::readPageLabelTree2. (CVE-2022-43071) PDF object loop in Catalog::countPageTree. (CVE-2022-43295) PDF object loop in Catalog::countPageTree. (CVE-2022-45586) PDF object loop in Catalog::countPageTree. (CVE-2022-45587) Divide-by-zero in Xpdf 4.04 due to bad color space object. (CVE-2023-2662) PDF object loop in Catalog::readPageLabelTree2. (CVE-2023-2663) PDF object loop in Catalog::readEmbeddedFileTree. (CVE-2023-2664) Divide-by-zero in Xpdf 4.04 due to very large page size. (CVE-2023-3044) Deadlock in Xpdf 4.04 due to PDF object stream references. (CVE-203-3436)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 9 | noarch | xpdf | < 4.05-1 | xpdf-4.05-1.mga9 |
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
51.2%