libpoppler.so is vulnerable to a denial of service (DoS) attack. A malicious user can pass a text file to the _poppler_attachment_new
function to cause a NULL pointer dereference, crashing the application.
CPE | Name | Operator | Version |
---|---|---|---|
libpoppler.so | le | 37.0.0.0 | |
poppler | eq | 0.26.5__20.el7 | |
evince | eq | 3.22.1__7.el7 | |
evince | eq | 3.28.2__5.el7 |