7.5

CVE-2019-14494

Exploit
An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FreedesktopPoppler Version <= 0.78.0
CanonicalUbuntu Linux Version18.04 SwEditionlts
CanonicalUbuntu Linux Version19.04
FedoraprojectFedora Version30
FedoraprojectFedora Version31
DebianDebian Linux Version9.0
DebianDebian Linux Version10.0
RedhatEnterprise Linux Version7.0
RedhatEnterprise Linux Version8.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.68% 0.839
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
CWE-369 Divide By Zero

The product divides a value by zero.

https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html
Third Party Advisory
Mailing List
https://gitlab.freedesktop.org/poppler/poppler/issues/802
Vendor Advisory
Exploit
Issue Tracking
https://gitlab.freedesktop.org/poppler/poppler/merge_requests/317
Patch
Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AHYAM32PALHQXL3O4DKIJ3EJB6AKBOVC/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLAQBLBIIL3A5XZQYR4MG3Z4LIPIC42P/
https://usn.ubuntu.com/4091-1/
Third Party Advisory