Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-7866

In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow.

Published

2024-08-15T20:15:18.793

Last Modified

2024-08-20T19:23:02.780

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-674
Type: Primary
CWE-674

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	xpdfreader	xpdf	≤ 4.05	Yes

References

https://www.xpdfreader.com/security-bug/object-loops.html Vendor Advisory ([email protected])