qpdf (SUSE:Linux Enterprise Server 12 SP2-BCL) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 SP2-BCL package qpdf, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (10)
CVE-2017-12595 — CVSS 7.8 (high): The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dictionaries, which allows remote attackers to cause a denial of service…
CVE-2022-34503 — CVSS 6.5 (medium): QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers…
CVE-2017-11626 — CVSS 5.5 (medium): A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted…
CVE-2017-11627 — CVSS 5.5 (medium): A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted…
CVE-2017-11624 — CVSS 5.5 (medium): A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted…
CVE-2017-9209 — CVSS 5.5 (medium): libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF…
CVE-2017-9210 — CVSS 5.5 (medium): libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF…
CVE-2021-36978 — CVSS 5.5 (medium): QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush…
CVE-2017-9208 — CVSS 5.5 (medium): libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF…
CVE-2017-11625 — CVSS 5.5 (medium): A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted…