VDB
GCVE-110-MAGEIA-2018-145
GCVE-110-MAGEIA-2018-145
Advisory Published
Updated qpdf packages fix security vulnerabilities:
1. Stack overflow due to endless recursion in QPDFTokenizer::resolveLiteral()
2. Another stack overflow / endless recursion in QPDFWriter::enqueueObject()
3. Stack out of bounds read in iterate_rc4()
4. heap out of bounds read (large) in Pl_Buffer::write
5. Hang due to a pdf xref loop:
Also, the libjpeg package has been patched to provide pkgconfig files, so that
cups-filters could be rebuilt against this qpdf update.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | rust | 0 (affected), 1.28.0-1.mga6 (unaffected) | — |
| Mageia | libjpeg | 0 (affected), 1.3.1-4.3.mga5 (unaffected), 0 (affected), 1.3.1-4.3.mga5 (unaffected) | — |
| Mageia | cups-filters | 0 (affected), 0 (affected), 1.0.71-1.4.mga5 (unaffected), 1.0.71-1.4.mga5 (unaffected) | — |
| Mageia | qpdf | 0 (affected), 7.1.1-1.mga5 (unaffected), 7.1.1-1.mga5 (unaffected), 0 (affected) | — |
References
Browse GCVE Records
73,118 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.