CVE-2019-10871

CWE-125Out-of-bounds ReadCWE-122Heap-based Buffer Overflow11 documents8 sources
Severity
6.5MEDIUM
EPSS
0.6%
top 29.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Freedesktop Poppler
Timeline
PublishedApr 5
Latest updateMay 14

Description

An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

Debianpoppler< 0.85.0-2+3
Ubuntupoppler< 0.41.0-0ubuntu1.16+1

🔴Vulnerability Details

4
GHSA
GHSA-47xw-24jg-pc7q: An issue was discovered in Poppler 02022-05-14
OSV
poppler regression2020-11-26
CVEList
CVE-2019-10871: An issue was discovered in Poppler 02019-04-05
OSV
CVE-2019-10871: An issue was discovered in Poppler 02019-04-05

📋Vendor Advisories

4
Ubuntu
poppler regression2020-11-26
Ubuntu
poppler vulnerabilities2020-11-25
Red Hat
poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc2019-04-03
Debian
CVE-2019-10871: poppler - An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-rea...2019

💬Community

2
Bugzilla
CVE-2019-10871 poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc2019-04-05
Bugzilla
CVE-2019-10871 CVE-2019-10872 CVE-2019-10873 poppler: various flaws [fedora-all]2019-04-05
CVE-2019-10871 (MEDIUM CVSS 6.5) | An issue was discovered in Poppler | cvebase.io