Pdfresurrect Project: Security Vulnerabilities
A flaw was found in PDFResurrect in version 0.22b. There is an infinite loop in get_xref_linear_skipped() in pdf.c via a crafted PDF file.
CVSS Score
5.5
EPSS Score
0.003
Published
2021-04-28
PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdf_get_version().
CVSS Score
7.8
EPSS Score
0.004
Published
2020-11-20
In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bounds write via a crafted PDF document.
CVSS Score
7.8
EPSS Score
0.007
Published
2020-03-02
An issue was discovered in PDFResurrect before 0.18. pdf_load_pages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write.
CVSS Score
7.8
EPSS Score
0.004
Published
2019-08-11
PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled.
CVSS Score
7.8
EPSS Score
0.144
Published
2019-07-29