Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones in late December 2020, not the 20.12.1 release. In this situation, it should NOT be considered a Poppler vulnerability. However, several third-party Open Source projects directly rely on Poppler git clones made at arbitrary times, and therefore the CVE remains useful to users of those projects
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Poppler 缓冲区错误漏洞
Vulnerability Description
Poppler是一个用于生成PDF的C++类库,该库是从Xpdf(PDF阅读器)继承而来。 Poppler 20.12.1 存在缓冲区错误漏洞,该漏洞源于DCTStream.cc的DCTStream::getChars,攻击者可利用该漏洞使用PDF文档实现了基于堆的缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A