CVE-2026-4407
Published: March 18th, 2026
Out-of-bounds array write in Xpdf 4.06 and earlier, due to incorrect validation of the "N" field in ICCBased color spaces.
Unknown
CVSS v2:
CVSS v2:
Status
| DocFilters Release | Package | State | Justification | Comment |
|---|---|---|---|---|
| 0.0.0.1 | xpdf (4.05) | Resolved | Code Not Present | Patched applied from about:blank |
| 26.1.1 | xpdf (4.05) | Needs Triage | ||
| 26.1 | xpdf (4.05) | Needs Triage | ||
| 25.4 | xpdf (4.05) | Needs Triage | ||
| 25.3 | xpdf (4.05) | Needs Triage | ||
| 25.2 | xpdf (4.05) | Needs Triage | ||
| 25.1.2 | xpdf (4.05) | Resolved | Code Not Present | Patched applied from about:blank |
| 25.1.1 | xpdf (4.05) | Needs Triage | ||
| 25.1 | xpdf (4.05) | Needs Triage | ||
| 24.4 | xpdf (4.05) | Needs Triage | ||
| 24.4.0 | xpdf (4.05) | Needs Triage | ||
| 24.3 | xpdf (4.05) | Needs Triage | ||
| 24.2.1 | xpdf (4.05) | Needs Triage | ||
| 24.2 | xpdf (4.05) | Needs Triage | ||
| 24.1 | xpdf (3.02) | Needs Triage | ||
| 23.3 | xpdf (3.02) | Needs Triage | ||
| 23.2.1 | xpdf (3.02) | Needs Triage | ||
| 23.2 | xpdf (3.02) | Needs Triage | ||
| 23.1 | xpdf (3.02) | Needs Triage |