QPDF Project QPDF 3.0.2

CPE Details

QPDF Project QPDF 3.0.2
qpdf_project
qpdf
3.0.2
2018-05-16
12h20 +00:00
2018-05-16
12h20 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:qpdf_project:qpdf:3.0.2:*:*:*:*:*:*:*

Informations

Vendor

qpdf_project

Product

qpdf

Version

3.0.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2018-9918 2018-04-10 16h00 +00:00 libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a denial of service (stack exhaustion), related to the QPDFObjectHandle and QPDF_Dictionary classes, because nesting in direct objects is not restricted.
7.8
High
CVE-2015-9252 2018-02-13 18h00 +00:00 An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFTokenizer::resolveLiteral() in QPDFTokenizer.cc, related to the QPDF::resolve function in QPDF.cc.
5.5
Medium
CVE-2017-18183 2018-02-13 18h00 +00:00 An issue was discovered in QPDF before 7.0.0. There is an infinite loop in the QPDFWriter::enqueueObject() function in libqpdf/QPDFWriter.cc.
5.5
Medium
CVE-2017-18184 2018-02-13 18h00 +00:00 An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc.
5.5
Medium
CVE-2017-18185 2018-02-13 18h00 +00:00 An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the Pl_Buffer::write function in Pl_Buffer.cc. It is caused by an integer overflow in the PNG filter.
5.5
Medium
CVE-2017-18186 2018-02-13 18h00 +00:00 An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc.
5.5
Medium