CVE-2024-56378

Опубликовано: 23 дек. 2024

Источник: debian

EPSS Низкий

Описание

libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc.

Пакет	Статус	Версия исправления	Релиз	Тип
poppler	fixed	24.08.0-4		package
poppler	fixed	22.12.0-2+deb12u1	bookworm	package

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1553
https://gitlab.freedesktop.org/poppler/poppler/-/commit/ade9b5ebed44b0c15522c27669ef6cdf93eff84e

EPSS

Процентиль: 38%

0.00163

Низкий

CVE-2024-56378

CVSS3: 4.3

ubuntu

6 месяцев назад

libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc.

CVE-2024-56378

CVSS3: 4.4

redhat

6 месяцев назад

libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc.

CVE-2024-56378

CVSS3: 4.3

nvd

6 месяцев назад

libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc.

SUSE-SU-2024:4435-1

suse-cvrf

6 месяцев назад

Security update for poppler

SUSE-SU-2024:4432-1

suse-cvrf

6 месяцев назад

Security update for poppler

EPSS

Процентиль: 38%

0.00163

Низкий