In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Denial Of Service
Buffer Overflow
Information Disclosure
Poppler
Ubuntu Linux
+9
NVD
CVSS 3.1
7.8
EPSS
2.2%