CVE-2018-7173 A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding. https://forum.xpdfreader.com/viewtopic.php?f=3&t=607 CVE-2018-7174 An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams. https://forum.xpdfreader.com/viewtopic.php?f=3&t=605 CVE-2018-7175 An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service via a JPX image with zero components. https://forum.xpdfreader.com/viewtopic.php?f=3&t=613
Created xpdf tracking bugs for this issue: Affects: epel-all [bug 1546055] Affects: fedora-all [bug 1546054]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.