libpoppler.so is vulnerable to a denial of service (DoS) attack. The library does not validate the file name of an embedded file before using it to determine the save path, leading to a NULL pointer dereference that can crash the application.
CPE | Name | Operator | Version |
---|---|---|---|
libpoppler.so | le | 37.0.0 | |
poppler | eq | 0.26.5__20.el7 | |
evince | eq | 3.28.2__5.el7 | |
evince | eq | 3.22.1__7.el7 |