A flaw was found in QPDF through 8.0.2. libqpdf.a mishandles certain ‘expected dictionary key but found non-name object’ cases, allowing remote attackers to cause a denial of service (stack exhaustion), related to the QPDFObjectHandle and QPDF_Dictionary classes (CVE-2018-9918).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 5 | noarch | qpdf | < 7.1.1-1.1 | qpdf-7.1.1-1.1.mga5 |
Mageia | 6 | noarch | qpdf | < 7.1.1-1.1 | qpdf-7.1.1-1.1.mga6 |