CVE-2019-14494

Опубликовано: 01 авг. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 4.3

EPSS Низкий

Описание

An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.

Ссылки

https://gitlab.freedesktop.org/poppler/poppler/issues/802
Exploit
Issue Tracking
Vendor Advisory
https://gitlab.freedesktop.org/poppler/poppler/merge_requests/317
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AHYAM32PALHQXL3O4DKIJ3EJB6AKBOVC/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLAQBLBIIL3A5XZQYR4MG3Z4LIPIC42P/
https://usn.ubuntu.com/4091-1/
Third Party Advisory
https://gitlab.freedesktop.org/poppler/poppler/issues/802
Exploit
Issue Tracking
Vendor Advisory
https://gitlab.freedesktop.org/poppler/poppler/merge_requests/317
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AHYAM32PALHQXL3O4DKIJ3EJB6AKBOVC/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLAQBLBIIL3A5XZQYR4MG3Z4LIPIC42P/
https://usn.ubuntu.com/4091-1/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*

Версия до 0.78.0 (включая)

Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 83%

0.01969

Низкий

7.5 High

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-369

Связанные уязвимости

CVE-2019-14494

CVSS3: 7.5

ubuntu

больше 6 лет назад

An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.

CVE-2019-14494

CVSS3: 7.5

redhat

больше 6 лет назад

An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.

CVE-2019-14494

CVSS3: 7.5

debian

больше 6 лет назад

An issue was discovered in Poppler through 0.78.0. There is a divide-b ...

GHSA-8xhq-wvcf-g987

CVSS3: 7.5

github

больше 3 лет назад

An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.

ELSA-2020-4643

oracle-oval

около 5 лет назад

ELSA-2020-4643: poppler security update (LOW)

EPSS

Процентиль: 83%

0.01969

Низкий

7.5 High

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-369