6.5 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
54.7%
An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path.
access.redhat.com/errata/RHSA-2019:2022
gitlab.freedesktop.org/poppler/poppler/issues/660
usn.ubuntu.com/3837-1/