[
https://issues.apache.org/jira/browse/PDFBOX-6153?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tilman Hausherr updated PDFBOX-6153:
------------------------------------
Description:
There is a circular reference vulnerability in Apache PDFBox's outline/bookmark
parsing logic leading to an infinite loop.
Thanks to Joakim Bülow https://github.com/JoakimBulow/ of Neo4j (Security team)
for finding this.
was:Details and to be added later
> Catch cycles in outlines
> ------------------------
>
> Key: PDFBOX-6153
> URL: https://issues.apache.org/jira/browse/PDFBOX-6153
> Project: PDFBox
> Issue Type: Bug
> Components: PDModel, Utilities
> Affects Versions: 2.0.35, 3.0.6 PDFBox
> Reporter: Tilman Hausherr
> Assignee: Tilman Hausherr
> Priority: Minor
> Fix For: 2.0.36, 3.0.7 PDFBox, 4.0.0
>
>
> There is a circular reference vulnerability in Apache PDFBox's
> outline/bookmark parsing logic leading to an infinite loop.
> Thanks to Joakim Bülow https://github.com/JoakimBulow/ of Neo4j (Security
> team) for finding this.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
