Bugzilla – Bug 1186588
VUL-0: CVE-2021-30470: podofo: uncontrolled recursive call of funtions in src/base/PdfTokenizer.cpp can lead to a stack overflow
Last modified: 2022-09-28 12:32:45 UTC
A flaw was found in PoDoFo. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and PdfTokenizer::ReadDataType() functions can lead to a stack overflow.
- SUSE:SLE-12:Update/podofo 0.9.2
- openSUSE:Factory/podofo 0.9.6
No patch has been released yet.
Still no upstream fix available.
No news from upstream since April 2021. Agreed with Stoyan to close this.