CVE-2019-12515
Xpdf 4.01.01 is affected by CVE-2019-12515 due to an out-of-bounds read in FlateStream::getChar() (Stream.cc). A crafted PDF could be processed by pdftoppm to trigger information disclosure or a denial of service. Remediation per available public advisories is to upgrade to Xpdf 4.02 (Fedora and ...