suse · CVE-2017-5834

Quick triage

Priority: medium Published: 2021-05-30 13:53:02 UTC Updated: 2026-04-18 15:42:47 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-5834 severity moderate: SUSE including 30 source package names (libplist++-2_0-3-2.2.0-1.6, libplist++-2_0-3-32bit-2.2.0-1.6, …), 92 product×package rows across 38 product lines (SUSE Linux Enterprise Desktop 12 SP1, SUSE Linux Enterprise Desktop 12 SP2, … (38 product lines)): Fixed 92.

Description:

The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.

cvelogic Threat Intelligence