View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2019-9656 severity moderate: SUSE including 3 source package names (libofx-0.9.9-3.10.1, libofx-devel-0.9.9-3.10.1, libofx6-0.9.9-3.10.1), 4 product×package rows across 2 product lines (SUSE Linux Enterprise Software Development Kit 12 SP5, SUSE Linux Enterprise Workstation Extension 12 SP5): Fixed 4.
An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump.