Launchpad.net

CVE 2018-19149

Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment.

CVE-2018-19149 (Candidate) is related to these bugs:

Bug #1803059: Nullpointer dereference

		In	Importance	Status
1803059	Nullpointer dereference	poppler (Ubuntu)	High	Fix Released
1803059	Nullpointer dereference	poppler (Ubuntu Cosmic)	Undecided	Fix Released
1803059	Nullpointer dereference	poppler (Ubuntu Bionic)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.