vulnerability
Amazon Linux AMI: CVE-2018-13988: Security patch for poppler (ALAS-2018-1110)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:N/A:P) | Jul 25, 2018 | Dec 7, 2018 | Oct 14, 2022 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Jul 25, 2018
Added
Dec 7, 2018
Modified
Oct 14, 2022
Description
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file.
Solution
amazon-linux-upgrade-poppler
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.