Lucene search
Veracode Vulnerability DatabaseVERACODE:30276HistoryApr 29, 2021 - 12:51 p.m.
Denial Of Service (DoS)
2021-04-2912:51:40
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.001 Low
EPSS
Percentile
37.0%
Xpdf is vulnerable to denial of service. It is trying to use the freed t3GlyphStack->cache, which causes an heap-use-after-free problem. The codes of a previous fix for nested Type 3 characters wasn’t correctly handling the case where a Type 3 char referred to another char in the same Type 3 font.
References
bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25725
forum.xpdfreader.com/viewtopic.php?f=3&t=41915
lists.fedoraproject.org/archives/list/[email protected]/message/4ZUU5QG6SSVRTKZTR3A72LDRVZETEI63/
lists.fedoraproject.org/archives/list/[email protected]/message/VLOYVJSM54IL6I5RY4QTJGRS7PIEG44X/
secdb.alpinelinux.org/edge/community.yaml
Related
debiancve
debiancve
CVE-2020-25725
2020-11-21 06:15:12
ubuntucve
ubuntucve
CVE-2020-25725
2020-11-21 00:00:00
prion
prion
Heap overflow
2020-11-21 06:15:00
nvd
nvd
CVE-2020-25725
2020-11-21 06:15:12
cve
cve
CVE-2020-25725
2020-11-21 06:15:12
alpinelinux
alpinelinux
CVE-2020-25725
2020-11-21 06:15:12
cvelist
cvelist
CVE-2020-25725
2020-11-21 05:29:54
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0112)
2022-01-28 00:00:00
Fedora: Security Advisory for xpdf (FEDORA-2021-013d9a30e0)
2021-02-11 00:00:00
Fedora: Security Advisory for xpdf (FEDORA-2021-4a437fe032)
2021-02-11 00:00:00
nessus
nessus
Fedora 33 : 1:xpdf (2021-013d9a30e0)
2021-02-11 00:00:00
Fedora 32 : 1:xpdf (2021-4a437fe032)
2021-02-11 00:00:00
GLSA-202405-18 : Xpdf: Multiple Vulnerabilities
2024-05-07 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: xpdf-4.03-1.fc33
2021-02-11 01:43:55
[SECURITY] Fedora 32 Update: xpdf-4.03-1.fc32
2021-02-11 01:53:27
mageia
mageia
Updated xpdf packages fix security vulnerabilities
2021-03-04 19:53:32
gentoo
gentoo
Xpdf: Multiple Vulnerabilities
2024-05-07 00:00:00