suse · CVE-2018-20797

Quick triage

Priority: low Published: 2021-05-30 14:19:56 UTC Updated: 2025-10-05 01:57:16 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-20797 severity low: SUSE including 12 source package names (libpodofo-0_10-devel-0.10.5-1.1, libpodofo-devel, …), 37 product×package rows across 16 product lines (SUSE Linux Enterprise Desktop 12 SP3, SUSE Linux Enterprise Desktop 12 SP4, … (16 product lines)): Fixed 20, Known Not Affected 17.

Description:

An issue was discovered in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in base/PdfFiltersPrivate.cpp.

cvelogic Threat Intelligence