CVE-2021-25786

Опубликовано: 11 авг. 2023

Источник: debian

EPSS Низкий

Описание

An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
qpdf	fixed	10.1.0-1		package

Примечания

https://github.com/qpdf/qpdf/issues/492
https://github.com/qpdf/qpdf/commit/dc92574c10f3e2516ec6445b88c5d584f40df4e5 (release-qpdf-10.1.0)

EPSS

Процентиль: 53%

0.00302

Низкий

Связанные уязвимости

CVE-2021-25786

CVSS3: 5.3

ubuntu

почти 2 года назад

An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.

CVE-2021-25786

CVSS3: 5.3

redhat

почти 2 года назад

An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.

CVE-2021-25786

CVSS3: 5.3

nvd

почти 2 года назад

An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.

ROS-20250403-02

CVSS3: 5.3

redos

3 месяца назад

Уязвимость qpdf

GHSA-f3pg-6m52-2j62

CVSS3: 8.8

github

почти 2 года назад

An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.

EPSS

Процентиль: 53%

0.00302

Низкий