CVE-2018-13988
published 2018-07-25CVE-2018-13988: Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by…
medium6.5CVSS 3.0
AVNACLPRNUIRSUCNINAH
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | poppler | < poppler 0.69.0-2 (bookworm) | poppler 0.69.0-2 (bookworm) |
| freedesktop | poppler | <= 0.62.0 | — |
| freedesktop | poppler | >= 0 < 0.69.0-2 | 0.69.0-2 |
| freedesktop | poppler | >= 0 < 0.69.0-2 | 0.69.0-2 |
| freedesktop | poppler | >= 0 < 0.69.0-2 | 0.69.0-2 |
| freedesktop | poppler | >= 0 < 0.69.0-2 | 0.69.0-2 |
| redhat | ansible_tower | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_workstation | — | — |
| redhat | openshift_container_platform | — | — |
CVSS provenance
nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv6.5MEDIUM