Lucene search

K
cvelistMitreCVELIST:CVE-2018-20481
HistoryDec 26, 2018 - 4:00 a.m.

CVE-2018-20481

2018-12-2604:00:00
mitre
www.cve.org

6.5 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.7%

XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc.