A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach
Reporter | Title | Published | Views | Family All 75 |
---|---|---|---|---|
Cvelist | CVE-2018-20650 | 1 Jan 201916:00 | – | cvelist |
OSV | CVE-2018-20650 | 1 Jan 201916:29 | – | osv |
OSV | poppler - security update | 30 Sep 201900:00 | – | osv |
OSV | poppler - security update | 26 Sep 202200:00 | – | osv |
OSV | poppler - security update | 8 Nov 202000:00 | – | osv |
OSV | Red Hat Security Advisory: poppler security, bug fix, and enhancement update | 16 Sep 202401:51 | – | osv |
OSV | Red Hat Security Advisory: poppler security update | 16 Sep 202402:32 | – | osv |
CVE | CVE-2018-20650 | 1 Jan 201916:29 | – | cve |
Veracode | Denial Of Service (DoS) | 8 Jan 201902:08 | – | veracode |
Prion | Design/Logic Flaw | 1 Jan 201916:29 | – | prion |
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | poppler | 0.85.0-2 | poppler_0.85.0-2_all.deb |
Debian | 11 | all | poppler | 0.85.0-2 | poppler_0.85.0-2_all.deb |
Debian | 999 | all | poppler | 0.85.0-2 | poppler_0.85.0-2_all.deb |
Debian | 13 | all | poppler | 0.85.0-2 | poppler_0.85.0-2_all.deb |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo