UBUNTU-CVE-2019-9587
- Source
- https://ubuntu.com/security/CVE-2019-9587
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-9587.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2019-9587
- Upstream
- Published
- 2019-03-06T08:29:00Z
- Modified
- 2026-01-30T19:26:19.818163Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Ubuntu - negligible
- Summary
- [none]
- Details
-
There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to Catalog::countPageTree.
- References
Affected packages
Ubuntu:22.04:LTS
texlive-bin
Package
- Name
- texlive-bin
- Purl
- pkg:deb/ubuntu/texlive-bin@2021.20210626.59705-1ubuntu0.3?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2020.*
2020.20200327.54578-7
2020.20200327.54578-7build1
2021.*
2021.20210626.59705-1
2021.20210626.59705-1build1
2021.20210626.59705-1ubuntu0.1
2021.20210626.59705-1ubuntu0.2
2021.20210626.59705-1ubuntu0.3
Ecosystem specific
{
"binaries": [
{
"binary_name": "libkpathsea-dev",
"binary_version": "2021.20210626.59705-1ubuntu0.3"
},
{
"binary_name": "libkpathsea6",
"binary_version": "2021.20210626.59705-1ubuntu0.3"
},
{
"binary_name": "libptexenc-dev",
"binary_version": "2021.20210626.59705-1ubuntu0.3"
},
{
"binary_name": "libptexenc1",
"binary_version": "2021.20210626.59705-1ubuntu0.3"
},
{
"binary_name": "libsynctex-dev",
"binary_version": "2021.20210626.59705-1ubuntu0.3"
},
{
"binary_name": "libsynctex2",
"binary_version": "2021.20210626.59705-1ubuntu0.3"
},
{
"binary_name": "libtexlua53",
"binary_version": "2021.20210626.59705-1ubuntu0.3"
},
{
"binary_name": "libtexlua53-dev",
"binary_version": "2021.20210626.59705-1ubuntu0.3"
},
{
"binary_name": "libtexluajit-dev",
"binary_version": "2021.20210626.59705-1ubuntu0.3"
},
{
"binary_name": "libtexluajit2",
"binary_version": "2021.20210626.59705-1ubuntu0.3"
},
{
"binary_name": "texlive-binaries",
"binary_version": "2021.20210626.59705-1ubuntu0.3"
}
]
}Ubuntu:24.04:LTS
texlive-bin
Package
- Name
- texlive-bin
- Purl
- pkg:deb/ubuntu/texlive-bin@2023.20230311.66589-9build3?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2023.*
2023.20230311.66589-6
2023.20230311.66589-7
2023.20230311.66589-8
2023.20230311.66589-8build1
2023.20230311.66589-9
2023.20230311.66589-9build2
2023.20230311.66589-9build3
Ecosystem specific
{
"binaries": [
{
"binary_name": "libkpathsea-dev",
"binary_version": "2023.20230311.66589-9build3"
},
{
"binary_name": "libkpathsea6",
"binary_version": "2023.20230311.66589-9build3"
},
{
"binary_name": "libptexenc-dev",
"binary_version": "2023.20230311.66589-9build3"
},
{
"binary_name": "libptexenc1",
"binary_version": "2023.20230311.66589-9build3"
},
{
"binary_name": "libsynctex-dev",
"binary_version": "2023.20230311.66589-9build3"
},
{
"binary_name": "libsynctex2",
"binary_version": "2023.20230311.66589-9build3"
},
{
"binary_name": "libtexlua-dev",
"binary_version": "2023.20230311.66589-9build3"
},
{
"binary_name": "libtexlua53",
"binary_version": "2023.20230311.66589-9build3"
},
{
"binary_name": "libtexlua53-5",
"binary_version": "2023.20230311.66589-9build3"
},
{
"binary_name": "libtexlua53-dev",
"binary_version": "2023.20230311.66589-9build3"
},
{
"binary_name": "libtexluajit-dev",
"binary_version": "2023.20230311.66589-9build3"
},
{
"binary_name": "libtexluajit2",
"binary_version": "2023.20230311.66589-9build3"
},
{
"binary_name": "texlive-binaries",
"binary_version": "2023.20230311.66589-9build3"
},
{
"binary_name": "texlive-binaries-sse2",
"binary_version": "2023.20230311.66589-9build3"
}
]
}Ubuntu:25.10
texlive-bin
Package
- Name
- texlive-bin
- Purl
- pkg:deb/ubuntu/texlive-bin@2024.20240313.70630+ds-6ubuntu2?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "libkpathsea-dev",
"binary_version": "2024.20240313.70630+ds-6ubuntu2"
},
{
"binary_name": "libkpathsea6",
"binary_version": "2024.20240313.70630+ds-6ubuntu2"
},
{
"binary_name": "libptexenc-dev",
"binary_version": "2024.20240313.70630+ds-6ubuntu2"
},
{
"binary_name": "libptexenc1",
"binary_version": "2024.20240313.70630+ds-6ubuntu2"
},
{
"binary_name": "libsynctex-dev",
"binary_version": "2024.20240313.70630+ds-6ubuntu2"
},
{
"binary_name": "libsynctex2",
"binary_version": "2024.20240313.70630+ds-6ubuntu2"
},
{
"binary_name": "libtexlua-dev",
"binary_version": "2024.20240313.70630+ds-6ubuntu2"
},
{
"binary_name": "libtexlua53",
"binary_version": "2024.20240313.70630+ds-6ubuntu2"
},
{
"binary_name": "libtexlua53-5",
"binary_version": "2024.20240313.70630+ds-6ubuntu2"
},
{
"binary_name": "libtexlua53-dev",
"binary_version": "2024.20240313.70630+ds-6ubuntu2"
},
{
"binary_name": "libtexluajit-dev",
"binary_version": "2024.20240313.70630+ds-6ubuntu2"
},
{
"binary_name": "libtexluajit2",
"binary_version": "2024.20240313.70630+ds-6ubuntu2"
},
{
"binary_name": "texlive-binaries",
"binary_version": "2024.20240313.70630+ds-6ubuntu2"
},
{
"binary_name": "texlive-binaries-sse2",
"binary_version": "2024.20240313.70630+ds-6ubuntu2"
}
]
}Ubuntu:Pro:16.04:LTS
texlive-bin
Package
- Name
- texlive-bin
- Purl
- pkg:deb/ubuntu/texlive-bin@2015.20160222.37495-1ubuntu0.1+esm1?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2015.*
2015.20150524.37493-5build1
2015.20150524.37493-7
2015.20150524.37493-7build1
2015.20150524.37493-7build4
2015.20160222.37495-1
2015.20160222.37495-1ubuntu0.1
2015.20160222.37495-1ubuntu0.1+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libkpathsea-dev",
"binary_version": "2015.20160222.37495-1ubuntu0.1+esm1"
},
{
"binary_name": "libkpathsea6",
"binary_version": "2015.20160222.37495-1ubuntu0.1+esm1"
},
{
"binary_name": "libptexenc-dev",
"binary_version": "2015.20160222.37495-1ubuntu0.1+esm1"
},
{
"binary_name": "libptexenc1",
"binary_version": "2015.20160222.37495-1ubuntu0.1+esm1"
},
{
"binary_name": "libsynctex-dev",
"binary_version": "2015.20160222.37495-1ubuntu0.1+esm1"
},
{
"binary_name": "libsynctex1",
"binary_version": "2015.20160222.37495-1ubuntu0.1+esm1"
},
{
"binary_name": "libtexlua52",
"binary_version": "2015.20160222.37495-1ubuntu0.1+esm1"
},
{
"binary_name": "libtexlua52-dev",
"binary_version": "2015.20160222.37495-1ubuntu0.1+esm1"
},
{
"binary_name": "libtexluajit-dev",
"binary_version": "2015.20160222.37495-1ubuntu0.1+esm1"
},
{
"binary_name": "libtexluajit2",
"binary_version": "2015.20160222.37495-1ubuntu0.1+esm1"
},
{
"binary_name": "texlive-binaries",
"binary_version": "2015.20160222.37495-1ubuntu0.1+esm1"
}
]
}Ubuntu:Pro:18.04:LTS
texlive-bin
Package
- Name
- texlive-bin
- Purl
- pkg:deb/ubuntu/texlive-bin@2017.20170613.44572-8ubuntu0.2+esm1?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2017.*
2017.20170613.44572-5build1
2017.20170613.44572-5build2
2017.20170613.44572-6
2017.20170613.44572-6build1
2017.20170613.44572-6ubuntu1
2017.20170613.44572-8build1
2017.20170613.44572-8ubuntu0.1
2017.20170613.44572-8ubuntu0.2
2017.20170613.44572-8ubuntu0.2+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libkpathsea-dev",
"binary_version": "2017.20170613.44572-8ubuntu0.2+esm1"
},
{
"binary_name": "libkpathsea6",
"binary_version": "2017.20170613.44572-8ubuntu0.2+esm1"
},
{
"binary_name": "libptexenc-dev",
"binary_version": "2017.20170613.44572-8ubuntu0.2+esm1"
},
{
"binary_name": "libptexenc1",
"binary_version": "2017.20170613.44572-8ubuntu0.2+esm1"
},
{
"binary_name": "libsynctex-dev",
"binary_version": "2017.20170613.44572-8ubuntu0.2+esm1"
},
{
"binary_name": "libsynctex1",
"binary_version": "2017.20170613.44572-8ubuntu0.2+esm1"
},
{
"binary_name": "libtexlua52",
"binary_version": "2017.20170613.44572-8ubuntu0.2+esm1"
},
{
"binary_name": "libtexlua52-dev",
"binary_version": "2017.20170613.44572-8ubuntu0.2+esm1"
},
{
"binary_name": "libtexluajit-dev",
"binary_version": "2017.20170613.44572-8ubuntu0.2+esm1"
},
{
"binary_name": "libtexluajit2",
"binary_version": "2017.20170613.44572-8ubuntu0.2+esm1"
},
{
"binary_name": "texlive-binaries",
"binary_version": "2017.20170613.44572-8ubuntu0.2+esm1"
}
]
}Ubuntu:Pro:20.04:LTS
texlive-bin
Package
- Name
- texlive-bin
- Purl
- pkg:deb/ubuntu/texlive-bin@2019.20190605.51237-3ubuntu0.2+esm1?arch=source&distro=esm-infra/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2019.*
2019.20190605.51237-2build1
2019.20190605.51237-3
2019.20190605.51237-3build1
2019.20190605.51237-3build2
2019.20190605.51237-3ubuntu0.1
2019.20190605.51237-3ubuntu0.2
2019.20190605.51237-3ubuntu0.2+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libkpathsea-dev",
"binary_version": "2019.20190605.51237-3ubuntu0.2+esm1"
},
{
"binary_name": "libkpathsea6",
"binary_version": "2019.20190605.51237-3ubuntu0.2+esm1"
},
{
"binary_name": "libptexenc-dev",
"binary_version": "2019.20190605.51237-3ubuntu0.2+esm1"
},
{
"binary_name": "libptexenc1",
"binary_version": "2019.20190605.51237-3ubuntu0.2+esm1"
},
{
"binary_name": "libsynctex-dev",
"binary_version": "2019.20190605.51237-3ubuntu0.2+esm1"
},
{
"binary_name": "libsynctex2",
"binary_version": "2019.20190605.51237-3ubuntu0.2+esm1"
},
{
"binary_name": "libtexlua53",
"binary_version": "2019.20190605.51237-3ubuntu0.2+esm1"
},
{
"binary_name": "libtexlua53-dev",
"binary_version": "2019.20190605.51237-3ubuntu0.2+esm1"
},
{
"binary_name": "libtexluajit-dev",
"binary_version": "2019.20190605.51237-3ubuntu0.2+esm1"
},
{
"binary_name": "libtexluajit2",
"binary_version": "2019.20190605.51237-3ubuntu0.2+esm1"
},
{
"binary_name": "texlive-binaries",
"binary_version": "2019.20190605.51237-3ubuntu0.2+esm1"
}
]
}