CVE-2017-2818

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-2818
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-2818.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-2818
Downstream
Published
2017-07-12T17:29:00.497Z
Modified
2026-03-14T09:22:53.315921Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger this vulnerability.

References

Affected packages

Git /

Affected ranges

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-2818.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "0.53.0"
            }
        ]
    }
]