Описание
Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.
A flaw was found in Poppler. This vulnerability allows out-of-bounds reads via crafted input files that trigger the JBIG2Bitmap::combine function due to a misplaced isOk check.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | poppler | Fix deferred | ||
| Red Hat Enterprise Linux 6 | poppler | Out of support scope | ||
| Red Hat Enterprise Linux 7 | compat-poppler022 | Out of support scope | ||
| Red Hat Enterprise Linux 7 | poppler | Out of support scope | ||
| Red Hat Enterprise Linux 8 | poppler | Fix deferred | ||
| Red Hat Enterprise Linux 9 | poppler | Fix deferred |
Показывать по
Дополнительная информация
Статус:
4 Medium
CVSS3
Связанные уязвимости
Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.
Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.
Poppler before 25.04.0 allows crafted input files to trigger out-of-bo ...
Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.
Уязвимость библиотеки для отображения PDF-файлов Poppler, связанная с чтением за границами буфера памяти в функции JBIG2Bitmap::combine(), позволяющая нарушителю вызвать отказ в обслуживании
4 Medium
CVSS3