CVEDB API

Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.3%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

Products affected by CVE-2019-17064