
CVSS: 6.2 | EPSS: 0% | CPEs: 1 | EXPL: 0

PDFio is a simple C library for reading and writing PDF files. There is a denial of service (DoS) vulnerability in the TTF parser. Maliciously crafted TTF files can cause the program to consume 100% of memory and enter an infinite loop. This can also lead to a heap-buffer-overflow vulnerability. The infinite loop occurs in the read_cmap function and is driven by the nGroups value.

• https://github.com/michaelrsweet/pdfio/commit/e4e1c39578279386b0ab9f9ac14b20a8bad4f935
• https://github.com/michaelrsweet/pdfio/security/advisories/GHSA-4hh9-j68x-8353
• CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')