CVE-2017-2814

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-2814
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-2814.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-2814
Downstream
Published
2017-07-12T17:29:00.467Z
Modified
2026-03-14T09:22:53.151252Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF file can be used to trigger this vulnerability.

References

Affected packages

Git /

Affected ranges

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-2814.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "0.53.0"
            }
        ]
    }
]