vulnerability
Amazon Linux AMI: CVE-2018-13988: Security patch for poppler (ALAS-2018-1110)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:N/A:P) | Jul 25, 2018 | Dec 7, 2018 | Oct 14, 2022 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Jul 25, 2018
Added
Dec 7, 2018
Modified
Oct 14, 2022
Description
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file.
Solution
amazon-linux-upgrade-poppler
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.