An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2019:2022 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2019:2713 | Third Party Advisory |
https://gitlab.freedesktop.org/poppler/poppler/issues/654 | Exploit, Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html | Mailing List, Third Party Advisory |
https://usn.ubuntu.com/4042-1/ | Third Party Advisory |
History
01 Mar 2023, 15:17
Type | Values Removed | Values Added |
---|---|---|
First Time | Redhat enterprise Linux Eus, Redhat enterprise Linux, Redhat enterprise Linux Desktop, Redhat, Redhat enterprise Linux Server, Canonical, Debian, Canonical ubuntu Linux, Redhat enterprise Linux Server Tus, Redhat enterprise Linux Server Aus, Debian debian Linux, Redhat enterprise Linux Workstation | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2713 - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4042-1/ - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2022 - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* |
26 Sep 2022, 02:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2018-11-02 07:29
Updated : 2023-12-10 12:44
NVD link : CVE-2018-18897
Mitre link : CVE-2018-18897
CVE.ORG link : CVE-2018-18897
Products Affected
debian
- debian_linux
redhat
- enterprise_linux
- enterprise_linux_server_aus
- enterprise_linux_server_tus
- enterprise_linux_server
- enterprise_linux_workstation
- enterprise_linux_desktop
- enterprise_linux_eus
freedesktop
- poppler
canonical
- ubuntu_linux
CWE
CWE-772
Missing Release of Resource after Effective Lifetime