Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
amazonAmazonALAS-2020-1450
HistoryNov 14, 2020 - 1:23 a.m.

Low: poppler

2020-11-1401:23:00
alas.aws.amazon.com
11

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.01 Low

EPSS

Percentile

83.7%

JSON

Issue Overview:

A divide-by-zero error was found in the way Poppler handled certain PDF files. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by an application linked to Poppler, would crash the application causing a denial of service. (CVE-2019-14494)

Affected Packages:

poppler

Issue Correction:
Run yum update poppler to update your system.

New Packages:

i686:  
    poppler-0.26.5-43.22.amzn1.i686  
    poppler-utils-0.26.5-43.22.amzn1.i686  
    poppler-devel-0.26.5-43.22.amzn1.i686  
    poppler-glib-devel-0.26.5-43.22.amzn1.i686  
    poppler-cpp-0.26.5-43.22.amzn1.i686  
    poppler-debuginfo-0.26.5-43.22.amzn1.i686  
    poppler-glib-0.26.5-43.22.amzn1.i686  
    poppler-cpp-devel-0.26.5-43.22.amzn1.i686  
  
src:  
    poppler-0.26.5-43.22.amzn1.src  
  
x86_64:  
    poppler-0.26.5-43.22.amzn1.x86_64  
    poppler-glib-0.26.5-43.22.amzn1.x86_64  
    poppler-utils-0.26.5-43.22.amzn1.x86_64  
    poppler-glib-devel-0.26.5-43.22.amzn1.x86_64  
    poppler-cpp-0.26.5-43.22.amzn1.x86_64  
    poppler-debuginfo-0.26.5-43.22.amzn1.x86_64  
    poppler-devel-0.26.5-43.22.amzn1.x86_64  
    poppler-cpp-devel-0.26.5-43.22.amzn1.x86_64

Additional References

Red Hat: CVE-2019-14494

Mitre: CVE-2019-14494

OSVersionArchitecturePackageVersionFilename
Amazon Linux1i686poppler< 0.26.5-43.22.amzn1poppler-0.26.5-43.22.amzn1.i686.rpm
Amazon Linux1i686poppler-utils< 0.26.5-43.22.amzn1poppler-utils-0.26.5-43.22.amzn1.i686.rpm
Amazon Linux1i686poppler-devel< 0.26.5-43.22.amzn1poppler-devel-0.26.5-43.22.amzn1.i686.rpm
Amazon Linux1i686poppler-glib-devel< 0.26.5-43.22.amzn1poppler-glib-devel-0.26.5-43.22.amzn1.i686.rpm
Amazon Linux1i686poppler-cpp< 0.26.5-43.22.amzn1poppler-cpp-0.26.5-43.22.amzn1.i686.rpm
Amazon Linux1i686poppler-debuginfo< 0.26.5-43.22.amzn1poppler-debuginfo-0.26.5-43.22.amzn1.i686.rpm
Amazon Linux1i686poppler-glib< 0.26.5-43.22.amzn1poppler-glib-0.26.5-43.22.amzn1.i686.rpm
Amazon Linux1i686poppler-cpp-devel< 0.26.5-43.22.amzn1poppler-cpp-devel-0.26.5-43.22.amzn1.i686.rpm
Amazon Linux1x86_64poppler< 0.26.5-43.22.amzn1poppler-0.26.5-43.22.amzn1.x86_64.rpm
Amazon Linux1x86_64poppler-glib< 0.26.5-43.22.amzn1poppler-glib-0.26.5-43.22.amzn1.x86_64.rpm
Rows per page:
1-10 of 161

Related

fedora 2
osv 4
nessus 28
cve 1
oraclelinux 2
redhat 2
ubuntucve 1
amazon 2
almalinux 1
openvas 16
veracode 1
centos 1
prion 1
redhatcve 1
debiancve 1
ubuntu 1
mageia 2
rosalinux 1
debian 2
suse 1
fedora
fedora
[SECURITY] Fedora 30 Update: poppler-0.73.0-16.fc30
2020-02-20 04:46:27
[SECURITY] Fedora 31 Update: poppler-0.73.0-16.fc31
2020-02-11 01:14:41
osv
osv
Low: poppler security update
2020-11-03 12:23:18
CVE-2019-14494
2019-08-01 17:15:13
poppler - security update
2020-11-08 00:00:00
nessus
nessus
Amazon Linux 2 : poppler (ALAS-2020-1541)
2020-10-28 00:00:00
RHEL 7 : evince and poppler (RHSA-2020:3977)
2020-11-19 00:00:00
Fedora 30 : poppler (2020-b8b7a4a0e5)
2020-02-20 00:00:00
cve
cve
CVE-2019-14494
2019-08-01 17:15:00
oraclelinux
oraclelinux
evince and poppler security and bug fix update
2020-10-06 00:00:00
poppler security update
2020-11-10 00:00:00
redhat
redhat
(RHSA-2020:3977) Low: evince and poppler security and bug fix update
2020-09-29 07:48:08
(RHSA-2020:4643) Low: poppler security update
2020-11-03 12:23:18
ubuntucve
ubuntucve
CVE-2019-14494
2019-08-01 00:00:00
amazon
amazon
Low: evince
2020-10-22 17:30:00
Low: poppler
2020-10-22 18:36:00
almalinux
almalinux
Low: poppler security update
2020-11-03 12:23:18
openvas
openvas
Fedora: Security Advisory for poppler (FEDORA-2020-24ded2cd52)
2020-02-11 00:00:00
Ubuntu: Security Advisory (USN-4091-1)
2019-08-13 00:00:00
Fedora: Security Advisory for poppler (FEDORA-2020-b8b7a4a0e5)
2020-02-21 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-08-06 05:13:48
centos
centos
evince, poppler security update
2020-10-20 17:56:23
prion
prion
Design/Logic Flaw
2019-08-01 17:15:00
redhatcve
redhatcve
CVE-2019-14494
2020-02-03 09:23:52
debiancve
debiancve
CVE-2019-14494
2019-08-01 17:15:00
ubuntu
ubuntu
poppler vulnerability
2019-08-12 00:00:00
mageia
mageia
Updated poppler packages fix security vulnerabilities
2019-09-07 00:09:08
Updated poppler packages fix security vulnerabilities
2019-09-07 00:09:08
rosalinux
rosalinux
Advisory ROSA-SA-2021-1953
2021-07-02 17:59:22
debian
debian
[SECURITY] [DLA 2440-1] poppler security update
2020-11-08 23:59:37
[SECURITY] [DLA 3120-1] poppler security update
2022-09-25 22:47:37
suse
suse
Security update for poppler (important)
2021-12-01 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.01 Low

EPSS

Percentile

83.7%

JSON
Related for ALAS-2020-1450
fedora2osv4nessus28cve1oraclelinux2redhat2ubuntucve1amazon2almalinux1openvas16veracode1centos1prion1redhatcve1debiancve1ubuntu1mageia2rosalinux1debian2suse1