CVE-2019-20814

HIGH

Foxit PhantomPDF < 8.3.12 - Denial of Service via Memory Consumption

Title source: llm
STIX 2.1

Description

An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows memory consumption because data is created for each page of an application level.

References (1)

Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.foxitsoftware.com/support/security-bulletins.php

Scores

CVSS v3 7.5
EPSS 0.0003
EPSS Percentile 8.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-770
Status published
Products (1)
foxitsoftware/phantompdf < 8.3.12
Published Jun 04, 2020
Tracked Since Feb 18, 2026