Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Tue, 07 Jul 2026 09:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Uncontrolled Recursion in pdfcpu Parser Causes Denial of Service |
Mon, 06 Jul 2026 20:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Uncontrolled Recursion in pdfcpu Parser Causes Denial of Service |
Mon, 06 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-674 | |
| Metrics |
cvssV3_1
|
Mon, 06 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Uncontrolled Recursive Parsing Causes Denial‑of‑Service in pdfcpu | |
| Weaknesses | CWE-119 CWE-123 |
Mon, 06 Jul 2026 02:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Uncontrolled Recursive Parsing Causes Denial‑of‑Service in pdfcpu | |
| Weaknesses | CWE-119 CWE-123 |
Sun, 05 Jul 2026 05:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Uncontrolled Recursion Denial of Service in pdfcpu PDF Parser | |
| Weaknesses | CWE-674 CWE-770 |
Sat, 04 Jul 2026 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Uncontrolled Recursion Denial of Service in pdfcpu PDF Parser | |
| Weaknesses | CWE-674 CWE-770 |
Sat, 04 Jul 2026 02:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Uncontrolled Recursion in pdfcpu PDF Parser Causes Denial of Service | |
| Weaknesses | CWE-674 |
Fri, 03 Jul 2026 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Uncontrolled Recursion in pdfcpu PDF Parser Causes Denial of Service | |
| Weaknesses | CWE-674 |
Fri, 03 Jul 2026 11:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Uncontrolled Recursion Leading to Denial of Service in pdfcpu PDF Parser | |
| Weaknesses | CWE-749 |
Fri, 03 Jul 2026 04:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Uncontrolled Recursion Leading to Denial of Service in pdfcpu PDF Parser | |
| Weaknesses | CWE-749 |
Thu, 02 Jul 2026 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | pdfcpu through v0.11.1 contains an uncontrolled-recursion denial-of-service issue in pkg/pdfcpu/model/parse.go. The parser descends recursively through nested PDF objects, including arrays, via ParseObjectContext() and parseArray() without enforcing a maximum nesting depth. | |
| References |
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-06T14:44:12.877Z
Reserved: 2026-04-06T00:00:00.000Z
Link: CVE-2026-38970
Updated: 2026-07-06T14:43:55.609Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-07T08:45:04Z