Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qpdf project qpdf vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-11626
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows malicious users to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after four consecutive calls to QPDFObjectHandle::parseInt...
Qpdf Project Qpdf 6.0.0
4.3
CVSSv2
CVE-2017-11627
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows malicious users to cause a denial of service via a crafted file, related to the PointerHolder function in PointerHolder.hh, aka an "infinite loop."
Qpdf Project Qpdf 6.0.0
4.3
CVSSv2
CVE-2018-18020
In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild have recursive calls for a long time, which allows remote malicious users to cause a denial of service via a crafted PDF file.
Qpdf Project Qpdf 8.2.1
4.3
CVSSv2
CVE-2017-11624
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows malicious users to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after two consecutive calls to QPDFObjectHandle::parseInte...
Qpdf Project Qpdf 6.0.0
NA
CVE-2024-24246
Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows malicious users to crash the application via the std::__shared_count() function at /bits/shared_ptr_base.h.
Qpdf Project Qpdf 11.9.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
6.8
CVSSv2
CVE-2018-9918
libqpdf.a in QPDF up to and including 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote malicious users to cause a denial of service (stack exhaustion), related to the QPDFObjectHandle and QPDF_Dictionary classes, becaus...
Qpdf Project Qpdf
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
4.3
CVSSv2
CVE-2017-9208
libqpdf.a in QPDF 6.0.0 allows remote malicious users to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1.
Qpdf Project Qpdf 6.0.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
4.3
CVSSv2
CVE-2017-9209
libqpdf.a in QPDF 6.0.0 allows remote malicious users to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2.
Qpdf Project Qpdf 6.0.0
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
4.3
CVSSv2
CVE-2017-9210
libqpdf.a in QPDF 6.0.0 allows remote malicious users to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3.
Qpdf Project Qpdf 6.0.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2