Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2019-20551
CVE-2019-20551:
NixOS vulnerability analysis and mitigation
Overview
CVE-2019-20551 is a vulnerability in the Poppler PDF rendering library that affects various versions of the software. The vulnerability was discovered in the AnnotRichMedia class in Annot.c, where a reachable Object::getString assertion could be triggered (MITRE CVE).
Technical details
The vulnerability exists in the AnnotRichMedia class within the Annot.c file of Poppler, where an attacker could trigger an Object::getString assertion. This vulnerability affects Poppler version 0.72.0 and potentially other versions (MITRE CVE).
Impact
When exploited, this vulnerability allows attackers to cause a denial of service condition in the affected systems (MITRE CVE).
Mitigation and workarounds
Updates have been released to address this vulnerability. Ubuntu users can update their systems to the following package versions: Ubuntu 18.10 (libpoppler79 - 0.68.0-0ubuntu1.5), Ubuntu 18.04 (libpoppler73 - 0.62.0-2ubuntu2.7), Ubuntu 16.04 (libpoppler58 - 0.41.0-0ubuntu1.12), and Ubuntu 14.04 (libpoppler44 - 0.24.5-2ubuntu4.16) (Ubuntu Notice).
Additional resources
Source: This report was generated using AI
Related NixOS vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management