{"affected":[{"ecosystem_specific":{"binaries":[{"qpdf-devel":"7.1.1-3.11.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP5","name":"qpdf","purl":"pkg:rpm/suse/qpdf&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.1.1-3.11.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqpdf18":"7.1.1-3.11.1","qpdf":"7.1.1-3.11.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP5","name":"qpdf","purl":"pkg:rpm/suse/qpdf&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.1.1-3.11.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqpdf18":"7.1.1-3.11.1","qpdf":"7.1.1-3.11.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","name":"qpdf","purl":"pkg:rpm/suse/qpdf&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.1.1-3.11.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for qpdf fixes the following issues:\n\n- CVE-2018-9918: Fixed mishandled 'expected dictionary key but found non-name object' cases that could have allowed attackers to cause a denial of service. (bsc#1089090)\n","id":"SUSE-SU-2024:2173-1","modified":"2024-06-24T05:20:37Z","published":"2024-06-24T05:20:37Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20242173-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1089090"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-9918"}],"related":["CVE-2018-9918"],"summary":"Security update for qpdf","upstream":["CVE-2018-9918"]}