CVE-2017-11624

CVE-2017-11624

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after two consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite loop."

CVE-2017-11624

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after two consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite loop."

CVE-2017-11624

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, ...

GHSA-xvf6-564j-w8gx

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after two consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite loop."

BDU:2021-01408

Уязвимость функции QPDFTokenizer::resolveLiteral утилиты командной строки для преобразования PDF документов QPDF, позволяющая нарушителю вызвать отказ в обслуживании