CVE-2017-11625

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop."...

CVE-2017-11627

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the PointerHolder function in PointerHolder.hh, aka an "infinite loop."...

CVE-2017-11626

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after four consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite...

CVE-2017-11625

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop."...

CVE-2017-11625

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop."...

CVE-2017-11627

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the PointerHolder function in PointerHolder.hh, aka an "infinite loop."...

CVE-2017-11626

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after four consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite...

UBUNTU-CVE-2017-11627

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the PointerHolder function in PointerHolder.hh, aka an "infinite loop."...

CVE-2017-11554

There is a stack consumption vulnerability in the lex function in parser.hpp as used in sassc in LibSass 3.4.5. A crafted input will lead to a remote denial of service...

DEBIAN-CVE-2017-11554

There is a stack consumption vulnerability in the lex function in parser.hpp as used in sassc in LibSass 3.4.5. A crafted input will lead to a remote denial of service...

CVE-2017-11554

There is a stack consumption vulnerability in the lex function in parser.hpp as used in sassc in LibSass 3.4.5. A crafted input will lead to a remote denial of service...

Design/Logic Flaw

There is a stack consumption vulnerability in the lex function in parser.hpp as used in sassc in LibSass 3.4.5. A crafted input will lead to a remote denial of service...

Stack overflow

There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service...

UBUNTU-CVE-2017-11556

There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service...

CVE-2017-11554

There is a stack consumption vulnerability in the lex function in parser.hpp as used in sassc in LibSass 3.4.5. A crafted input will lead to a remote denial of service...

CVE-2017-11556

There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service...

CVE-2017-11554

CVE-2017-11554 affects LibSass 3.4.5 (lex function in parser.hpp, as used by sassc). The vulnerability is a stack-consumption DoS triggered by crafted input, enabling remote denial of service. Multiple connected sources corroborate the issue and its impact. OpenSUSE/SUSE advisories and OSV/NVD en...

CVE-2017-11554

There is a stack consumption vulnerability in the lex function in parser.hpp as used in sassc in LibSass 3.4.5. A crafted input will lead to a remote denial of service...

CVE-2017-11556

There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service...

CVE-2017-1000373

The OpenBSD qsort function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in...