This page aggregates CVE and security vulnerability intelligence across all Xpdf-related products, including CVSS scores, EPSS percentages, and publication and update dates.
Historical issues mainly involve memory corruption, buffer overflows, and related problems; some flaws may lead to memory corruption, affecting software deployment scenarios.

| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2012-2142 | The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator. | [email protected] | 7.8 | 2.94% | 2020-01-09 | 2026-06-16 |
| CVE-2010-0207 | In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers. | [email protected] | 5.5 | 0.85% | 2019-10-30 | 2026-06-16 |
| CVE-2010-0206 | xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects. | [email protected] | 5.5 | 1.06% | 2019-10-30 | 2026-06-16 |
| CVE-2019-10026 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case. | [email protected] | 5.5 | 0.87% | 2019-03-24 | 2026-06-16 |
| CVE-2019-10025 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nBits. | [email protected] | 5.5 | 0.87% | 2019-03-24 | 2026-06-16 |
| CVE-2019-10024 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters. | [email protected] | 5.5 | 0.87% | 2019-03-24 | 2026-06-16 |
| CVE-2019-10023 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case. | [email protected] | 5.5 | 0.90% | 2019-03-24 | 2026-06-16 |
| CVE-2019-10022 | An issue was discovered in Xpdf 4.01.01. There is a NULL pointer dereference in the function Gfx::opSetExtGState in Gfx.cc. | [email protected] | 5.5 | 0.88% | 2019-03-24 | 2026-06-16 |
| CVE-2019-10021 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps. | [email protected] | 5.5 | 0.90% | 2019-03-24 | 2026-06-16 |
| CVE-2019-10020 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters. | [email protected] | 5.5 | 0.87% | 2019-03-24 | 2026-06-16 |
| CVE-2019-10019 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes. | [email protected] | 5.5 | 0.90% | 2019-03-24 | 2026-06-16 |
| CVE-2019-10018 | An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case. | [email protected] | 5.5 | 1.10% | 2019-03-24 | 2026-06-16 |
| CVE-2019-9878 | There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | [email protected] | 7.8 | 1.20% | 2019-03-21 | 2026-06-16 |
| CVE-2019-9877 | There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01, which can (for example) be triggered by sending a crafted pdf file to the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | [email protected] | 7.8 | 1.14% | 2019-03-21 | 2026-06-16 |
| CVE-2018-18651 | An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated by pdftohtml. This is mainly caused by a large number after the /Count field in the file. | [email protected] | 5.5 | 0.92% | 2018-10-25 | 2026-06-16 |
| CVE-2018-18650 | An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of memory. | [email protected] | 5.5 | 0.92% | 2018-10-25 | 2026-06-16 |
| CVE-2018-18459 | The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | [email protected] | 5.5 | 1.14% | 2018-10-18 | 2026-06-16 |
| CVE-2018-18458 | The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | [email protected] | 5.5 | 1.14% | 2018-10-18 | 2026-06-16 |
| CVE-2018-18457 | The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | [email protected] | 5.5 | 1.14% | 2018-10-18 | 2026-06-16 |
| CVE-2018-18456 | The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | [email protected] | 5.5 | 0.97% | 2018-10-18 | 2026-06-16 |