PT-2020-8882 · Foxit · Foxit Phantompdf

Published

2020-06-04

Updated

2020-06-09

CVE-2018-21238

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Foxit PhantomPDF versions prior to 8.3.7

Description An issue in Foxit PhantomPDF allows memory consumption via an ArrayBuffer(0xfffffffe) call.

Recommendations For Foxit PhantomPDF versions prior to 8.3.7, update to version 8.3.7 or later to resolve the issue.

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2018-21238

Foxit Phantompdf