Home

Description

In Xpdf 4.05 (and earlier), a PDF object loop in a CMap, via the "UseCMap" entry, leads to infinite recursion and a stack overflow.

PUBLISHED Reserved 2025-10-16 | Published 2025-10-16 | Updated 2025-10-17 | Assigner GandC




LOW: 2.1CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Problem types

CWE-674 Uncontrolled Recursion

Product status

Default status
unaffected

Any version
affected

Credits

landw (GitHub: Landw-hub) finder

References

www.xpdfreader.com/security-bug/object-loops.html

cve.org (CVE-2025-11896)

nvd.nist.gov (CVE-2025-11896)

Download JSON