Pwd@360Teamseri0Us

**Name of the Vulnerable Software and Affected Versions** Poppler version 0.71.0 **Description** The issue is related to an out-of-bounds read in the EmbFile::save2 function in FileSpec.cc. This can lead to a denial of service. The problem is demonstrated by the utils/pdfdetach.cc utility not validating embedded files before attempting to save them. **Recommendations** For Poppler version 0.71.0, consider updating to a newer version that addresses this issue, as no specific fix is provided for this version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Poppler version 0.71.0 **Description** The issue is related to a NULL pointer dereference in the goo/GooString.h file. This can lead to a denial of service. The problem arises when the filename of an embedded file is not validated before constructing a save path, as demonstrated by the utils/pdfdetach.cc file. **Recommendations** For Poppler version 0.71.0, consider updating to a newer version that addresses this issue, as the current version contains a NULL pointer dereference that can cause a denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.