High severity8.8OSV Advisory· Published Mar 11, 2019· Updated Jun 17, 2026
CVE-2019-9656
CVE-2019-9656
Description
An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: 0.6.0, 0.6.3, 0.6.4, …
- osv-coords2 versionspkg:rpm/suse/libofx&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/libofx&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5
< 0.9.9-3.10.1+ 1 more
- (no CPE)range: < 0.9.9-3.10.1
- (no CPE)range: < 0.9.9-3.10.1
Patches
Vulnerability mechanics
References
4- github.com/TeamSeri0us/pocs/tree/master/libofxnvdExploitThird Party Advisory
- github.com/libofx/libofx/issues/22nvdThird Party Advisory
- lists.debian.org/debian-lts-announce/2019/11/msg00021.htmlnvdMailing ListThird Party Advisory
- usn.ubuntu.com/4523-1/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.