CVE-2017-7511 — NULL Pointer Dereference in Poppler

CWE-476 — NULL Pointer Dereference11 documents8 sources

Severity

5.5MEDIUMNVD

EPSS

0.3%

top 44.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Freedesktop Poppler Poppler

Timeline

PublishedMay 30

Latest updateMay 14

Description

poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶Debianfreedesktop/poppler< 0.57.0-2+3

▶CVEListV5poppler/popplersince 0.17.3

▶NVDfreedesktop/poppler79 versions+78

Patches

Patch: cgit.freedesktop.org ↗Patch: cgit.freedesktop.org ↗

🔴Vulnerability Details

GHSA

GHSA-mqrh-mcfq-vc54: poppler since version 0↗2022-05-14

▶

OSV

poppler vulnerabilities↗2017-07-07

▶

CVEList

CVE-2017-7511: poppler since version 0↗2017-05-30

▶

OSV

CVE-2017-7511: poppler since version 0↗2017-05-30

▶

📋Vendor Advisories

Ubuntu

poppler vulnerabilities↗2017-07-07

▶

Red Hat

poppler: Null pointer dereference in pdfunite via crafted documents↗2017-05-23

▶

Debian

CVE-2017-7511: poppler - poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in ...↗2017

▶

💬Community

Bugzilla

CVE-2017-7511 mingw-poppler: poppler: Null pointer dereference in pdfunite via crafted documents [fedora-all]↗2017-05-30

▶

Bugzilla

CVE-2017-7511 poppler: Null pointer dereference in pdfunite via crafted documents [fedora-all]↗2017-05-30

▶

Bugzilla

CVE-2017-7511 poppler: Null pointer dereference in pdfunite via crafted documents↗2017-05-30

▶