4 matches found
SUSE CVE-2015-9252
An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFTokenizer::resolveLiteral in QPDFTokenizer.cc, related to the QPDF::resolve function in QPDF.cc...
SUSE CVE-2017-11625
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop."...
The vulnerability of the QPDF::resolveObjectsInStream function in the command-line utility for converting QPDF documents allows a attacker to cause a service failure due to infinite loop execution.
The vulnerability of the QPDF::resolveObjectsInStream function in the command-line PDF conversion tool is related to the infinite loop that can occur during execution. Exploiting this vulnerability could allow an attacker to cause service failures...
Design/Logic Flaw
An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFTokenizer::resolveLiteral in QPDFTokenizer.cc, related to the QPDF::resolve function in QPDF.cc...