VYPR
Low severity3.3OSV Advisory· Published Oct 6, 2018· Updated Jun 17, 2026

CVE-2018-18020

CVE-2018-18020

Description

In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild have recursive calls for a long time, which allows remote attackers to cause a denial of service via a crafted PDF file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Qpdf Project/QpdfOSV2 versions
    release-qpdf-2.0, release-qpdf-2.0.1, release-qpdf-2.0.2, …+ 1 more
    • (no CPE)range: release-qpdf-2.0, release-qpdf-2.0.1, release-qpdf-2.0.2, …
    • (no CPE)range: = 8.2.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.