CVE-2018-18897

Опубликовано: 02 нояб. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.

Ссылки

https://access.redhat.com/errata/RHSA-2019:2022
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2713
Third Party Advisory
https://gitlab.freedesktop.org/poppler/poppler/issues/654
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html
Mailing List
Third Party Advisory
https://usn.ubuntu.com/4042-1/
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2022
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2713
Third Party Advisory
https://gitlab.freedesktop.org/poppler/poppler/issues/654
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html
Mailing List
Third Party Advisory
https://usn.ubuntu.com/4042-1/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:freedesktop:poppler:0.71.0:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 43%

0.002

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-772

Связанные уязвимости

CVE-2018-18897

CVSS3: 6.5

ubuntu

больше 6 лет назад

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.

CVE-2018-18897

CVSS3: 4.3

redhat

больше 6 лет назад

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.

CVE-2018-18897

CVSS3: 6.5

debian

больше 6 лет назад

An issue was discovered in Poppler 0.71.0. There is a memory leak in G ...

GHSA-59pp-pgh2-58rp

CVSS3: 6.5

github

около 3 лет назад

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.

BDU:2022-06881

CVSS3: 6.5

fstec

больше 6 лет назад

Уязвимость компонента GfxState.cc библиотеки для отображения PDF-файлов Poppler, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 43%

0.002

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-772