Medium severity5.5OSV Advisory· Published Feb 13, 2018· Updated Jun 17, 2026
CVE-2017-18185
CVE-2017-18185
Description
An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the Pl_Buffer::write function in Pl_Buffer.cc. It is caused by an integer overflow in the PNG filter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2release-qpdf-2.0, release-qpdf-2.0.1, release-qpdf-2.0.2, …+ 1 more
- (no CPE)range: release-qpdf-2.0, release-qpdf-2.0.1, release-qpdf-2.0.2, …
- (no CPE)range: <7.0.0
Patches
Vulnerability mechanics
References
3- github.com/qpdf/qpdf/commit/ec7d74a386c0b2f38990079c3b0d2a2b30be0e71nvdPatchThird Party Advisory
- github.com/qpdf/qpdf/issues/150nvdIssue TrackingThird Party Advisory
- usn.ubuntu.com/3638-1/nvd
News mentions
0No linked articles in our index yet.