Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dictionaries, which allows remote attackers to cause a denial of service (stack consumption and segmentation fault) or possibly have unspecified other impact via a PDF document with a deep data structure, as demonstrated by a crash in QPDFObjectHandle::parseInternal in libqpdf/QPDFObjectHandle.cc.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
QPDF 安全漏洞
Vulnerability Description
QPDF是一个能够对PDF进行结构化的命令行程序。该程序可以加密PDF文件,分析或更改PDF文件的内部结构。 QPDF 6.0.0版本和7.0.b1版本中的tokenizer存在安全漏洞。远程攻击者可利用该漏洞造成拒绝服务(栈消耗和段错误)。
CVSS Information
N/A
Vulnerability Type
N/A