vulnerability
Red Hat: CVE-2021-25786: qpdf: Heap use after free in Pl_ASCII85Decoder::write
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Aug 11, 2023 | Jul 9, 2025 | Jul 9, 2025 |
Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
Aug 11, 2023
Added
Jul 9, 2025
Modified
Jul 9, 2025
Description
An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf.
Solution
no-fix-redhat-rpm-package
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.