5.5

CVE-2017-18186

An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qpdf ProjectQpdf Version < 7.0.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.14% 0.625
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

https://usn.ubuntu.com/3638-1/
https://github.com/qpdf/qpdf/commit/85f05cc57ffa0a863d9d9b23e73acea9410b2937
Third Party Advisory
https://github.com/qpdf/qpdf/issues/149
Third Party Advisory