VDB

GCVE-110-MAGEIA-2018-131

GCVE-110-MAGEIA-2018-131
Advisory Published
Vulnetix · Advisory published February 22, 2018
Qpdf has been updated to the latest version to fix several security issues. - Stack overflow due to endless recursion in QPDFTokenizer::resolveLiteral() - Another stack overflow / endless recursion in QPDFWriter::enqueueObject() - Stack out of bounds read in iterate_rc4() - heap out of bounds read (large) in Pl_Buffer::write - Hang due to a pdf xref loop Also, the cups-filters package has been rebuilt for the new qpdf.

Affected Products

VendorProductVersionsPlatforms
Mageiakmod-virtualbox5.2.14-1.mga6 (unaffected), 0 (affected)
Mageiacups-filters1.13.4-2.2.mga6 (unaffected), 0 (affected), 1.13.4-2.2.mga6 (unaffected), 0 (affected)
Mageiaqpdf0 (affected), 7.1.1-1.mga6 (unaffected), 0 (affected), 7.1.1-1.mga6 (unaffected)
Mageiavirtualbox0 (affected), 5.2.14-1.mga6 (unaffected)
Mageiakmod-vboxadditions0 (affected), 5.2.14-1.mga6 (unaffected)

Browse GCVE Records

73,393 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›