Описание
An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 0.62.0-2ubuntu2.4 |
| cosmic | released | 0.68.0-0ubuntu1.2 |
| devel | released | 0.71.0-2ubuntu3 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [0.24.5-2ubuntu4.13]] |
| esm-infra/bionic | not-affected | 0.62.0-2ubuntu2.4 |
| esm-infra/xenial | not-affected | 0.41.0-0ubuntu1.9 |
| precise/esm | DNE | |
| trusty | released | 0.24.5-2ubuntu4.13 |
| trusty/esm | DNE | trusty was released [0.24.5-2ubuntu4.13] |
| upstream | needs-triage |
Показывать по
EPSS
4.3 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path.
An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path.
An issue was discovered in Poppler 0.71.0. There is a NULL pointer der ...
An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path.
ELSA-2019-2022: poppler security, bug fix, and enhancement update (MODERATE)
EPSS
4.3 Medium
CVSS2
6.5 Medium
CVSS3