Vulnerabilities > Qpdf Project > Qpdf > 2.1.1

DATE CVE VULNERABILITY TITLE RISK
2018-04-10 CVE-2018-9918 Uncontrolled Recursion vulnerability in multiple products
libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a denial of service (stack exhaustion), related to the QPDFObjectHandle and QPDF_Dictionary classes, because nesting in direct objects is not restricted.
local
low complexity
qpdf-project canonical CWE-674
7.8
7.8
2018-02-13 CVE-2017-18186 Infinite Loop vulnerability in Qpdf Project Qpdf
An issue was discovered in QPDF before 7.0.0.
local
low complexity
qpdf-project CWE-835
5.5
5.5
2018-02-13 CVE-2017-18185 Out-of-bounds Read vulnerability in Qpdf Project Qpdf
An issue was discovered in QPDF before 7.0.0.
local
low complexity
qpdf-project CWE-125
5.5
5.5
2018-02-13 CVE-2017-18184 Out-of-bounds Read vulnerability in Qpdf Project Qpdf
An issue was discovered in QPDF before 7.0.0.
local
low complexity
qpdf-project CWE-125
5.5
5.5
2018-02-13 CVE-2017-18183 Infinite Loop vulnerability in Qpdf Project Qpdf
An issue was discovered in QPDF before 7.0.0.
local
low complexity
qpdf-project CWE-835
5.5
5.5
2018-02-13 CVE-2015-9252 Resource Management Errors vulnerability in Qpdf Project Qpdf
An issue was discovered in QPDF before 7.0.0.
local
low complexity
qpdf-project CWE-399
5.5
5.5