View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-20797 severity low: SUSE including 12 source package names (libpodofo-0_10-devel-0.10.5-1.1, libpodofo-devel, …), 37 product×package rows across 16 product lines (SUSE Linux Enterprise Desktop 12 SP3, SUSE Linux Enterprise Desktop 12 SP4, … (16 product lines)): Fixed 20, Known Not Affected 17.
An issue was discovered in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in base/PdfFiltersPrivate.cpp.