13 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-9918
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libqpdf.a in QPDF through 8.0.2 mishandles certain expected dictionary key but found non-name object cases, allowing remote attackers to cause a denial of servi...
SUSE: Security Advisory (SUSE-SU-2024:2173-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:2173-1 Security update for qpdf
This update for qpdf fixes the following issues: - CVE-2018-9918: Fixed mishandled 'expected dictionary key but found non-name object' cases that could have allowed attackers to cause a denial of service. bsc1089090...
SUSE SLES12 Security Update : qpdf (SUSE-SU-2024:2173-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2173-1 advisory. - CVE-2018-9918: Fixed mishandled 'expected dictionary key but found non-name object' cases that could have allowed attackers to cause a...
RHEL 7 : qpdf (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - qpdf: stack exhaustion in QPDFObjectHandle and QPDFDictionary classes in libqpdf.a CVE-2018-9918 - An iss...
Mageia: Security Advisory (MGASA-2018-0232)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 28 : qpdf (2018-b4ef545db5)
Security fix for CVE-2018-9918 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Updated qpdf packages fix security vulnerability
A flaw was found in QPDF through 8.0.2. libqpdf.a mishandles certain 'expected dictionary key but found non-name object' cases, allowing remote attackers to cause a denial of service stack exhaustion, related to the QPDFObjectHandle and QPDFDictionary classes CVE-2018-9918...
Fedora Update for qpdf FEDORA-2018-f2e1c09437
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for qpdf FEDORA-2018-d7ea552cde
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : cups-filters / qpdf (2018-f2e1c09437)
Rebase to qpdf-7.1.1 because of security fixes for CVE-2018-9918, CVE-2017-11627, CVE-2017-12595. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
CVE-2018-9918
libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a denial of service stack exhaustion, related to the QPDFObjectHandle and QPDFDictionary classes, because nesting in direct objects is not restricted...
CVE-2018-9918
CVE-2018-9918 affects libqpdf.a in QPDF up to version 8.0.2, where nesting in direct objects is not properly restricted. This mishandling of certain "expected dictionary key but found non-name object" cases can allow remote attackers to cause a denial of service via stack exhaustion. Connected ad...