VYPR
Unrated severityOSV Advisory· Published Dec 26, 2018· Updated Aug 5, 2024

CVE-2018-20481

CVE-2018-20481

Description

XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

20

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.