6.6 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
72.3%
A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.c.
access.redhat.com/errata/RHSA-2019:2713
gitlab.freedesktop.org/poppler/poppler/issues/703
gitlab.freedesktop.org/poppler/poppler/merge_requests/146
usn.ubuntu.com/3886-1/