CVE-2018-20451

Name of the Vulnerable Software and Affected Versions libdoc through 2017-10-23

Description The issue is related to a heap-based buffer over-read in the process file function, which can cause a denial of service, resulting in an application crash. This can be triggered by attackers using a crafted file.

Recommendations For versions through 2017-10-23, consider avoiding the use of the process file function until a fix is available. As a temporary workaround, restrict the processing of files from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.