A user can create specially crafted data that, when processed using a stream filter with 'convert.iconv.*', will cause the target application to enter an infinite loop and consume excessive CPU resources [CVE-2018-10546].
The specific impact of these vulnerabilities depends on the applications that use the affected functions or services.