Tag: infinite-recursion (1)CVE Reproduction > Reproducing and Patching CVE-2019-13288 - XPDF Infinite recursion & Null pointer dereferenceVulnerability: CVE-2019-13288 breaks Xpdf’s invariant that the “object stream” referenced by a compressed object must be an uncompressed stream, because the fetch path doesn’t enforce that rule and a crafted xref can make the supposed object stream itself compressed, causing unbounded recursive fetching and a crash.infinite-recursion null-pointer-dereferencing cve-2019-13288 afl-clang-fast fuzzing101 January 13, 2026 • December 22, 2025 • Easy