CVE-2017-18267

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.

References

Affected packages

Git / github.com/ruby/rubygems

Affected ranges

Type: GIT
Repo: https://github.com/ruby/rubygems
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

e7167b9a42e9804a52c04a2c16aab31949471d69

Affected versions

bundler-v2.*

bundler-v2.2.0.rc.1

bundler-v2.3.0

v1.*

v1.5.0

v1.5.1

v1.5.2

v1.6.0

v1.6.1

v1.6.2

v1.7.0

v1.7.1

v1.8.0

v1.8.1

v1.8.2

v2.*

v2.0.0

v2.0.0.preview2

v2.0.0.preview2.1

v2.0.0.preview2.2

v2.0.0.rc.1

v2.0.0.rc.2

v2.0.1

v2.0.2

v2.0.3

v2.1.0

v2.1.0.rc.1

v2.1.0.rc.2

v2.1.1

v2.1.2

v2.1.3

v2.2.0.preview.1

v2.2.0.rc.1

v2.2.1

v2.3.0

v2.4.0

v2.4.1

v2.4.2

v2.4.3

v2.4.4

v2.4.5

v2.4.6

v2.5.0

v2.5.1

v2.5.2

v2.6.0

v2.6.1

v2.6.10

v2.6.11

v2.6.12

v2.6.13

v2.6.14

v2.6.2

v2.6.3

v2.6.4

v2.6.5

v2.6.6

v2.6.7

v2.6.8

v2.6.9

v2.7.0

v2.7.1

v2.7.10

v2.7.2

v2.7.3

v2.7.4

v2.7.5

v2.7.6

v2.7.7

v2.7.8

v2.7.9

v3.*

v3.0.0

v3.0.0.beta1

v3.0.0.beta3

v3.0.1

v3.0.2

v3.0.3

v3.0.4

v3.1.0.pre1

v3.3.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-18267.json"