Medium severity6.5OSV Advisory· Published Dec 28, 2018· Updated Jun 17, 2026
CVE-2018-20551
CVE-2018-20551
Description
A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.c.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14poppler-0.10.0, poppler-0.11.0, poppler-0.11.1, …+ 1 more
- (no CPE)range: poppler-0.10.0, poppler-0.11.0, poppler-0.11.1, …
- (no CPE)range: <0.72.0
- osv-coords12 versionspkg:rpm/opensuse/poppler&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/poppler&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP2
< 0.62.0-4.6.1+ 11 more
- (no CPE)range: < 0.62.0-4.6.1
- (no CPE)range: < 0.62.0-4.6.1
- (no CPE)range: < 0.62.0-4.6.1
- (no CPE)range: < 0.62.0-4.6.1
- (no CPE)range: < 0.62.0-4.6.1
- (no CPE)range: < 0.62.0-4.6.1
- (no CPE)range: < 0.62.0-4.6.1
- (no CPE)range: < 0.62.0-4.6.1
- (no CPE)range: < 0.62.0-4.6.1
- (no CPE)range: < 0.62.0-4.6.1
- (no CPE)range: < 0.62.0-4.6.1
- (no CPE)range: < 0.62.0-4.6.1
Patches
Vulnerability mechanics
References
4- gitlab.freedesktop.org/poppler/poppler/merge_requests/146nvdPatchThird Party Advisory
- gitlab.freedesktop.org/poppler/poppler/issues/703nvdExploitThird Party Advisory
- usn.ubuntu.com/3886-1/nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2019:2713nvd
News mentions
0No linked articles in our index yet.