RHSA-2018:3140MediumCVSS 7.5

Red Hat Security Advisory: GNOME security, bug fix, and enhancement update

Published
October 30, 2018
Last Modified
June 27, 2026

🔗 CVE IDs covered (15)

📋 Description

CVE-2015-9381 — freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash CVE-2015-9382 — freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read CVE-2017-2862 — gdk-pixbuf2: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function CVE-2017-18267 — poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service CVE-2018-4121 — webkitgtk: memory corruption processing maliciously crafted web content CVE-2018-4200 — webkitgtk: memory corruption processing maliciously crafted web content CVE-2018-4204 — webkitgtk: memory corruption processing maliciously crafted web content CVE-2018-10733 — libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c CVE-2018-10767 — libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c CVE-2018-10768 — poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF CVE-2018-11712 — webkitgtk: Improper TLS certificate verification for WebSocket connections CVE-2018-11713 — webkitgtk: WebSockets don't use system proxy settings CVE-2018-12910 — libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames CVE-2018-13988 — poppler: out of bounds read in pdfunite CVE-2018-14036 — accountsservice: insufficient path check in user_change_icon_file_authorized_cb() in user.c

🔗 References (210)