---

CVE-2018-5296 - log back

CVE-2018-5296 edited at 10 Jan 2021 10:18:22
References	+ https://sourceforge.net/p/podofo/tickets/6/ https://bugzilla.redhat.com/show_bug.cgi?id=1531956 https://bugzilla.redhat.com/attachment.cgi?id=1377945 - https://sourceforge.net/p/podofo/tickets/6/ https://sourceforge.net/p/podofo/code/1925/

CVE-2018-5296 edited at 10 Jan 2021 10:07:12
References	https://bugzilla.redhat.com/show_bug.cgi?id=1531956 https://bugzilla.redhat.com/attachment.cgi?id=1377945 + https://sourceforge.net/p/podofo/tickets/6/ + https://sourceforge.net/p/podofo/code/1925/

CVE-2018-5296 edited at 10 Jan 2021 10:06:33
Severity	- Unknown + Low
Remote	- Unknown + Local
Type	- Unknown + Denial of service
Description	+ In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
References	+ https://bugzilla.redhat.com/show_bug.cgi?id=1531956 + https://bugzilla.redhat.com/attachment.cgi?id=1377945
Notes

CVE-2018-5296 created at 10 Jan 2021 09:54:00