Description
XPDF v4.04 and earlier was discovered to contain a stack overflow via the function Catalog::countPageTree() at Catalog.cc.
Scores
CVSS v3
5.5
EPSS
0.0021
EPSS Percentile
42.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-674
Status
published
Products (1)
xpdfreader/xpdf
< 4.04
Published
Sep 15, 2022
Tracked Since
Feb 18, 2026