[
https://issues.apache.org/jira/browse/PDFBOX-6153?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tilman Hausherr updated PDFBOX-6153:
------------------------------------
Summary: Outlines circular reference vulnerability (was: Catch cycles in
outlines)
> Outlines circular reference vulnerability
> -----------------------------------------
>
> Key: PDFBOX-6153
> URL: https://issues.apache.org/jira/browse/PDFBOX-6153
> Project: PDFBox
> Issue Type: Bug
> Components: PDModel, Utilities
> Affects Versions: 2.0.35, 3.0.6 PDFBox
> Reporter: Tilman Hausherr
> Assignee: Tilman Hausherr
> Priority: Minor
> Fix For: 2.0.36, 3.0.7 PDFBox, 4.0.0
>
>
> There is a circular reference vulnerability in Apache PDFBox's
> outline/bookmark parsing logic leading to an infinite loop.
> Thanks to Joakim Bülow https://github.com/JoakimBulow/ of Neo4j (Security
> team) for finding this.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
