rpm package

opensuse/poppler&distro=openSUSE Leap 15.4

pkg:rpm/opensuse/poppler&distro=openSUSE%20Leap%2015.4

Vulnerabilities (22)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2018-18456		—		< 0.62.0-150000.4.28.2	0.62.0-150000.4.28.2	Oct 18, 2018	The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
CVE-2018-18454		—		< 0.62.0-150000.4.28.2	0.62.0-150000.4.28.2	Oct 18, 2018	CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.

CVE-2018-18456Oct 18, 2018
affected < 0.62.0-150000.4.28.2fixed 0.62.0-150000.4.28.2
The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.
CVE-2018-18454Oct 18, 2018
affected < 0.62.0-150000.4.28.2fixed 0.62.0-150000.4.28.2
CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.

Page 2 of 2