CVE-2018-19149

Опубликовано: 08 нояб. 2018

Источник: redhat

CVSS3: 3.3

EPSS Низкий

Описание

Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment.

Отчет

This issue affects the versions of poppler as shipped with Red Hat Enterprise Linux 7.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	poppler	Not affected
Red Hat Enterprise Linux 6	poppler	Not affected
Red Hat Enterprise Linux 8	poppler	Not affected
Red Hat Enterprise Linux 7	evince	Fixed	RHSA-2019:2022	06.08.2019
Red Hat Enterprise Linux 7	okular	Fixed	RHSA-2019:2022	06.08.2019
Red Hat Enterprise Linux 7	poppler	Fixed	RHSA-2019:2022	06.08.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-476

https://bugzilla.redhat.com/show_bug.cgi?id=1649457poppler: NULL pointer dereference in _poppler_attachment_new

EPSS

Процентиль: 50%

0.00269

Низкий

3.3 Low

CVSS3

Связанные уязвимости

CVE-2018-19149

CVSS3: 6.5

ubuntu

около 7 лет назад

Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment.

CVE-2018-19149

CVSS3: 6.5

nvd

около 7 лет назад

Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment.

CVE-2018-19149

CVSS3: 6.5

debian

около 7 лет назад

Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attac ...

GHSA-8334-q57q-jpp2

CVSS3: 6.5

github

больше 3 лет назад

Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment.

ELSA-2019-2022

oracle-oval

больше 6 лет назад

ELSA-2019-2022: poppler security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 50%

0.00269

Низкий

3.3 Low

CVSS3