Low severity3.3OSV Advisory· Published Oct 6, 2018· Updated Jun 17, 2026
CVE-2018-18020
CVE-2018-18020
Description
In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild have recursive calls for a long time, which allows remote attackers to cause a denial of service via a crafted PDF file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2release-qpdf-2.0, release-qpdf-2.0.1, release-qpdf-2.0.2, …+ 1 more
- (no CPE)range: release-qpdf-2.0, release-qpdf-2.0.1, release-qpdf-2.0.2, …
- (no CPE)range: = 8.2.1
Patches
Vulnerability mechanics
References
2- github.com/qpdf/qpdf/issues/243nvdExploitIssue TrackingThird Party Advisory
- lists.debian.org/debian-lts-announce/2023/08/msg00037.htmlnvd
News mentions
0No linked articles in our index yet.