Lucene search

GoogleOSV:CVE-2019-20093

HistoryDec 30, 2019 - 4:15 a.m.

CVE-2019-20093

2019-12-3004:15:11

Google

osv.dev

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.7%

JSON

The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtractor.cpp.

References

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTB2J5XWOEGAJYR2N66GAECUIKDG6O2S/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XHFOCBZCF3GX7A6FWE3JM7P37TQWGINJ/

sourceforge.net/p/podofo/tickets/75/