Hi
This will be of interest to anyone testing PoDoFo or reviewing submitted
patches. It’s an analysis of 122 PDF CVEs found across a number of PDF products
presented at the Blackhat Security conference in March 2017. Products with most
CVEs found:
88 - Acrobat 88
15 - Foxit 15
8 – Adobe Digita
Hi
VeraPDF enforces the 8,388,607 indirect object limit:
https://github.com/veraPDF/veraPDF-validation-profiles/wiki/PDFA-Part-1-rules#rule-6112-7
This answer on Adobe.com expands on the reason for the limit:
https://forums.adobe.com/thread/1041350 (Adobe Reader can’t load files with
more than 8
