Lucene search

K

MitreCVELIST:CVE-2018-20481

HistoryDec 26, 2018 - 4:00 a.m.

CVE-2018-20481

2018-12-2604:00:00

mitre

www.cve.org

6.5 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.7%

XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc.

References

www.securityfocus.com/bid/106321

access.redhat.com/errata/RHSA-2019:2022

access.redhat.com/errata/RHSA-2019:2713

gitlab.freedesktop.org/poppler/poppler/issues/692

gitlab.freedesktop.org/poppler/poppler/merge_requests/143

lists.debian.org/debian-lts-announce/2019/03/msg00008.html

lists.debian.org/debian-lts-announce/2020/07/msg00018.html

usn.ubuntu.com/3865-1/

6.5 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.7%

Related for CVELIST:CVE-2018-20481

osv3 ubuntucve1 cve1 prion1 veracode1 debiancve1 nvd1 redhatcve1 nessus27 ubuntu1 openvas13 fedora4 debian2 mageia1 amazon2 oraclelinux2 redhat2 centos1 suse1