CVE-2018-20751 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Low
Remote	No
Type	Denial of service
Description	An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL pointer dereference. The issue is fixed in PoDoFo version 0.9.7.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-867	podofo	0.9.6-3	0.9.7-1	Medium	Fixed	FS#61651

Date	Advisory	Group	Package	Severity	Type
20 Jan 2021	ASA-202101-36	AVG-867	podofo	Medium	multiple issues

References
https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-crop_page-podofo-0-9-6/ https://sourceforge.net/p/podofo/tickets/33/ https://sourceforge.net/p/podofo/code/1954/