{"id":"CVE-2022-27135","details":"xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a Denial of Service (Segmentation fault) or other unspecified effects by sending a crafted PDF file to the pdftoppm binary.","modified":"2026-03-14T11:39:21.038461Z","published":"2022-04-25T13:15:49.427Z","references":[{"type":"ADVISORY","url":"https://github.com/verf1sh/Poc/blob/master/pic_ppm.png"},{"type":"EVIDENCE","url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42232"},{"type":"EVIDENCE","url":"https://github.com/verf1sh/Poc/blob/master/poc_ppm"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-27135.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.03"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}