GHSA-63cv-x9fq-ccgh

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.

Ссылки

EPSS

Процентиль: 66%

0.00526

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2018-18454

Дефекты

CWE-125

Связанные уязвимости

CVE-2018-18454

CVSS3: 5.5

ubuntu

больше 7 лет назад

CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.

CVE-2018-18454

CVSS3: 5.5

nvd

больше 7 лет назад

CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.

CVE-2018-18454

CVSS3: 5.5

debian

больше 7 лет назад

CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote atta ...

SUSE-SU-2023:4187-1

suse-cvrf

больше 2 лет назад

Security update for poppler

SUSE-SU-2023:4362-1

suse-cvrf

больше 2 лет назад

Security update for poppler

EPSS

Процентиль: 66%

0.00526

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2018-18454

Дефекты

CWE-125