VYPR
Medium severity5.5NVD Advisory· Published Jul 25, 2017· Updated Jun 17, 2026

CVE-2017-11626

CVE-2017-11626

Description

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after four consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite loop."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

25

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.