What the vulnerability does
01Description
In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.
CVE-2023-2663
LOW
CVE-2023-2663: Stack overflow in Xpdf 4.04 due to object loop in PDF page label tree
CVSS base score
2.9/10
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Key dates
02Disclosure timeline
May 11, 2023
CVE published
January 24, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-0210 Uncontrolled Recursion in Wireshark
CVE-2026-42445 NanaZip: Uncontrolled recursion in NanaZip UFS directory traversal causes stack exhaustion
CVE-2026-33508 Parse Server: LiveQuery subscription query depth bypass
CVE-2025-67899
CVE-2023-52079 Conversion of property names to strings can trigger infinite recursion
