CVE-2017-1000456

Опубликовано: 02 янв. 2018

Источник: debian

EPSS Низкий

Описание

freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations.

Пакет	Статус	Версия исправления	Релиз	Тип
poppler	fixed	0.61.1-2		package

https://bugs.freedesktop.org/show_bug.cgi?id=103116
Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=7ee9dadef37b20bca707a6b1e858e17d191e368b

EPSS

Процентиль: 72%

0.00719

Низкий

CVE-2017-1000456

CVSS3: 8.8

ubuntu

около 8 лет назад

freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations.

CVE-2017-1000456

CVSS3: 7.3

redhat

больше 8 лет назад

freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations.

CVE-2017-1000456

CVSS3: 8.8

nvd

около 8 лет назад

freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations.

GHSA-54wv-g6q8-8695

CVSS3: 8.8

github

больше 3 лет назад

freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations.

SUSE-SU-2018:1691-1

suse-cvrf

больше 7 лет назад

Security update for poppler

EPSS

Процентиль: 72%

0.00719

Низкий