Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2019-10873

Published: 5 April 2019

An issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc.

Notes

AuthorNote
mdeslaur
code is different in cosmic-. doesn't look vulnerable,
doesn't reproduce

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
poppler
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(code not present)
cosmic Not vulnerable
(code not present)
disco
Released (0.74.0-0ubuntu1.2)
precise Does not exist

trusty Does not exist
(trusty was needs-triage)
upstream Needs triage

xenial Not vulnerable
(code not present)
Patches:
upstream: https://gitlab.freedesktop.org/poppler/poppler/commit/8dbe2e6c480405dab9347075cf4be626f90f1d05