CVE-2022-24107 Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.
This could result in a crash during parsing large documents. 4.04 resolves this issue by adding appropriate integer checks. This update also resolves an
CVE-2022-38784 Poppler before version 22.08 has an integer overflow in the JBIG2 decoder. This could lead to a crash or the execution of arbitrary code.
This vulnerability affects the official build of Poppler prior to version 22.08.0 on Ubuntu 14.04 LTS and 18.04. It does not
CVE-2022-37177 HireVue Hiring Platform V1.0 has a broken or risky cryptographic algorithm.
In most cases, this rating applies to the end-user installation of the software, not the vendor. The contributor may be contacted to confirm details.
Vulnerability
CVE-2022-25641 Foxit PDF Reader and Editor before 11.2.2, and PhantomPDF before 10.1.8 mishandle cross-reference information when compressing objects. This may lead to undefined behavior or a crash.
Both of these vulnerabilities are publicly known and were addressed by several PDF library vendors in early 2018. Users of these products are strongly advised
CVE-2021-40326 Foxit PDF Reader before 11.1 and PDF Editor before 11.1 can mishandle hidden and incremental data in signed documents.
PhantomPDF, Foxit PDF Reader and Foxit PDF Editor are packed as a plugin for Firefox and Chrome. Foxit PDF Plugin before 11.1 and Foxit
Episode
00:00:00
00:00:00