Qpdf Project: >> Qpdf >> 6.0.0 Security Vulnerabilities
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the PointerHolder function in PointerHolder.hh, aka an "infinite loop."
CVSS Score
5.5
EPSS Score
0.003
Published
2017-07-25
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-05-23
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-05-23
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3.
CVSS Score
5.5
EPSS Score
0.003
Published
2017-05-23
Page 2