Medium severity6.5NVD Advisory· Published May 6, 2018· Updated Jun 17, 2026
CVE-2018-10768
CVE-2018-10768
Description
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: =0.24.5
- osv-coords2 versionspkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 0.24.4-14.16.6+ 1 more
- (no CPE)range: < 0.24.4-14.16.6
- (no CPE)range: < 0.24.4-14.16.6
Patches
Vulnerability mechanics
References
6- bugs.freedesktop.org/show_bug.cginvdExploitIssue TrackingPatchVendor Advisory
- access.redhat.com/errata/RHBA-2019:0327nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:3140nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:3505nvdThird Party Advisory
- lists.debian.org/debian-lts-announce/2018/10/msg00024.htmlnvdMailing ListThird Party Advisory
- usn.ubuntu.com/3647-1/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.