CVE-2021-36978

Published July 20th, 2021

View on NVD ↗

CVSS v3

5.5

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECTS

Description

QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in Pl_ASCII85Decoder::write (called from Pl_AES_PDF::flush and Pl_AES_PDF::finish) when a certain downstream write fails.

google/oss-fuzz-vulns

OSS-Fuzz vulnerabilities for OSV.

GitHub

180

qpdf/qpdf

qpdf: A content-preserving PDF document transformer

GitHub

5.11K