CVE-2019-10871

Опубликовано: 05 апр. 2019

Источник: debian

EPSS Низкий

Описание

An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.

Пакет	Статус	Версия исправления	Релиз	Тип
poppler	fixed	0.81.0-1	experimental	package
poppler	fixed	0.85.0-2		package
poppler	ignored		buster	package

https://gitlab.freedesktop.org/poppler/poppler/issues/751
https://gitlab.freedesktop.org/poppler/poppler/merge_requests/266 (rejected in favor of always enabling SPLASH_CMYK)
https://gitlab.freedesktop.org/poppler/poppler/merge_requests/341 (always enable SPLASH_CMYK)
Enabling SPLASH_CMYK in older releases causes regressions, see https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1905741

EPSS

Процентиль: 70%

0.00666

Низкий

CVE-2019-10871

CVSS3: 6.5

ubuntu

около 6 лет назад

An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.

CVE-2019-10871

CVSS3: 5.1

redhat

около 6 лет назад

An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.

CVE-2019-10871

CVSS3: 6.5

nvd

около 6 лет назад

An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.

GHSA-47xw-24jg-pc7q

CVSS3: 6.5

github

около 3 лет назад

An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.

ELSA-2020-1074

oracle-oval

около 5 лет назад

ELSA-2020-1074: poppler and evince security update (MODERATE)

EPSS

Процентиль: 70%

0.00666

Низкий