CVE-2017-18186

Опубликовано: 24 авг. 2017

Источник: redhat

CVSS3: 3.3

EPSS Низкий

Описание

An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc.

A denial of service flaw was found in the way QPDF parsed PDF files. An attacker could potentially use this flaw to cause QPDF to enter an infinite loop by tricking it into processing crafted QPDF files.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 7	qpdf	Will not fix
Red Hat Enterprise Linux 8	qpdf	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-400

https://bugzilla.redhat.com/show_bug.cgi?id=1545288qpdf: infinite loop due to looping xref tables in QPDF.cc

EPSS

Процентиль: 55%

0.00323

Низкий

3.3 Low

CVSS3

Связанные уязвимости

CVE-2017-18186

CVSS3: 5.5

ubuntu

почти 8 лет назад

An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc.

CVE-2017-18186

CVSS3: 5.5

nvd

почти 8 лет назад

An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc.

CVE-2017-18186

CVSS3: 5.5

debian

почти 8 лет назад

An issue was discovered in QPDF before 7.0.0. There is an infinite loo ...

GHSA-v5gm-hmrc-rgfq

CVSS3: 5.5

github

больше 3 лет назад

An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc.

EPSS

Процентиль: 55%

0.00323

Низкий

3.3 Low

CVSS3