Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

GHSA-29RG-H6C8-H6XH

Vulnerability from github – Published: 2022-05-13 01:24 – Updated: 2022-05-13 01:24
VLAI
Details

browser/worker_host/message_port_dispatcher.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle certain postMessage calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code that creates a web worker.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2010-4576"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-12-22T01:00:00Z",
    "severity": "MODERATE"
  },
  "details": "browser/worker_host/message_port_dispatcher.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle certain postMessage calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code that creates a web worker.",
  "id": "GHSA-29rg-h6c8-h6xh",
  "modified": "2022-05-13T01:24:59Z",
  "published": "2022-05-13T01:24:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4576"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14161"
    },
    {
      "type": "WEB",
      "url": "http://code.google.com/p/chromium/issues/detail?id=63529"
    },
    {
      "type": "WEB",
      "url": "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42648"
    },
    {
      "type": "WEB",
      "url": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=66620"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201012-01.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/45390"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-29WP-Q2R7-4JQV

Vulnerability from github – Published: 2022-05-13 01:11 – Updated: 2025-04-20 03:40
VLAI
Details

JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-1000050"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-07-17T13:18:00Z",
    "severity": "HIGH"
  },
  "details": "JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service.",
  "id": "GHSA-29wp-q2r7-4jqv",
  "modified": "2025-04-20T03:40:45Z",
  "published": "2022-05-13T01:11:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000050"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:3253"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:3505"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPOVZTSIQPW2H4AFLMI3LHJEZGBVEQET"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPOVZTSIQPW2H4AFLMI3LHJEZGBVEQET"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201908-03"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3693-1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2017/03/06/1"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/96595"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-29X9-4344-PX4H

Vulnerability from github – Published: 2025-09-05 18:31 – Updated: 2026-05-12 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb()

In dib7090p_rw_on_apb, msg is controlled by user. When msg[0].buf is null and msg[0].len is zero, former checks on msg[0].buf would be passed. If accessing msg[0].buf[2] without sanity check, null pointer deref would happen. We add check on msg[0].len to prevent crash. Similar issue occurs when access msg[1].buf[0] and msg[1].buf[1].

Similar commit: commit 0ed554fd769a ("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()")

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-38694"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-04T16:15:37Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb()\n\nIn dib7090p_rw_on_apb, msg is controlled by user. When msg[0].buf is null and\nmsg[0].len is zero, former checks on msg[0].buf would be passed. If accessing\nmsg[0].buf[2] without sanity check, null pointer deref would happen. We add\ncheck on msg[0].len to prevent crash. Similar issue occurs when access\nmsg[1].buf[0] and msg[1].buf[1].\n\nSimilar commit: commit 0ed554fd769a (\"media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()\")",
  "id": "GHSA-29x9-4344-px4h",
  "modified": "2026-05-12T15:31:00Z",
  "published": "2025-09-05T18:31:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38694"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-032379.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/09906650484a09b3a4d4b3d3065395856810becd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0bb32863426afe0badac25c28d59021f211d0f48"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/19eb5d8e6aa1169d368a4d69aae5572950deb89d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/529fd5593b721e6f4370c591f5086649ed149ff6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a0f744d6cdde81d7382e183f77a4080a39b206cd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bc07cae4f36bb18d5b6a9ed835c1278ca44ec82e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c33280d6bd668dbdc5a5f07887cc63a52ab4789c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ce5cac69b2edac3e3246fee03e8f4c2a1075238b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ce8b7c711b9c4f040b5419729d0972db8e374324"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-29XX-HCV2-C4CP

Vulnerability from github – Published: 2023-02-08 22:23 – Updated: 2025-11-04 22:09
VLAI
Summary
openssl-src subject to Invalid pointer dereference in `d2i_PKCS7` functions
Details

An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions.

The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "openssl-src"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "300.0.0"
            },
            {
              "fixed": "300.0.12"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-0216"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-02-08T22:23:39Z",
    "nvd_published_at": "2023-02-08T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the `d2i_PKCS7()`, `d2i_PKCS7_bio()` or `d2i_PKCS7_fp()` functions.\n\nThe result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data.",
  "id": "GHSA-29xx-hcv2-c4cp",
  "modified": "2025-11-04T22:09:03Z",
  "published": "2023-02-08T22:23:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0216"
    },
    {
      "type": "WEB",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=934a04f0e775309cadbef0aa6b9692e1b12a76c6"
    },
    {
      "type": "WEB",
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2023-0011.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202402-08"
    },
    {
      "type": "WEB",
      "url": "https://www.openssl.org/news/secadv/20230207.txt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "openssl-src subject to Invalid pointer dereference in `d2i_PKCS7` functions"
}

GHSA-2C46-3V56-P8MQ

Vulnerability from github – Published: 2022-05-13 01:24 – Updated: 2022-05-13 01:24
VLAI
Details

The raw_release function in net/can/raw.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted release operation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2011-1748"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-05-09T22:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The raw_release function in net/can/raw.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted release operation.",
  "id": "GHSA-2c46-3v56-p8mq",
  "modified": "2022-05-13T01:24:48Z",
  "published": "2022-05-13T01:24:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1748"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=698057"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=10022a6c66e199d8f61d9044543f38785713cbbd"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=10022a6c66e199d8f61d9044543f38785713cbbd"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2011/04/20/7"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2011/04/21/1"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2011/04/21/2"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2011/04/21/7"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2011/04/22/2"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2011/04/25/4"
    },
    {
      "type": "WEB",
      "url": "http://permalink.gmane.org/gmane.linux.network/192974"
    },
    {
      "type": "WEB",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.39-rc6"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/47835"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-2C4F-VGWR-82Q6

Vulnerability from github – Published: 2023-07-21 21:30 – Updated: 2024-04-04 06:18
VLAI
Details

A missing allocation check in sftp server processing read requests may cause a NULL dereference on low-memory conditions. The malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which was not being checked for failure. This will likely crash the authenticated user's sftp server connection (if implemented as forking as recommended). For thread-based servers, this might also cause DoS for legitimate users.

Given this code is not in any released versions, no security releases have been issued.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-3603"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476",
      "CWE-770"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-21T20:15:16Z",
    "severity": "MODERATE"
  },
  "details": "A missing allocation check in sftp server processing read requests may cause a NULL dereference on low-memory conditions. The malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which was not being checked for failure. This will likely crash the authenticated user\u0027s sftp server connection (if implemented as forking as recommended). For thread-based servers, this might also cause DoS for legitimate users.\n\nGiven this code is not in any released versions, no security releases have been issued.",
  "id": "GHSA-2c4f-vgwr-82q6",
  "modified": "2024-04-04T06:18:44Z",
  "published": "2023-07-21T21:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3603"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2023-3603"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221791"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2C7P-HJRR-CXQ7

Vulnerability from github – Published: 2022-05-13 01:26 – Updated: 2025-04-20 03:37
VLAI
Details

The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-8847"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-05-08T14:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.",
  "id": "GHSA-2c7p-hjrr-cxq7",
  "modified": "2025-04-20T03:37:20Z",
  "published": "2022-05-13T01:26:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8847"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ckolivas/lrzip/issues/67"
    },
    {
      "type": "WEB",
      "url": "https://blogs.gentoo.org/ago/2017/05/07/lrzip-null-pointer-dereference-in-bufreadget-libzpaq-h"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202005-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2C7R-JXV5-347C

Vulnerability from github – Published: 2025-05-09 09:33 – Updated: 2025-11-12 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

s390/sclp: Add check for get_zeroed_page()

Add check for the return value of get_zeroed_page() in sclp_console_init() to prevent null pointer dereference. Furthermore, to solve the memory leak caused by the loop allocation, add a free helper to do the free job.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-37883"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-09T07:16:09Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/sclp: Add check for get_zeroed_page()\n\nAdd check for the return value of get_zeroed_page() in\nsclp_console_init() to prevent null pointer dereference.\nFurthermore, to solve the memory leak caused by the loop\nallocation, add a free helper to do the free job.",
  "id": "GHSA-2c7r-jxv5-347c",
  "modified": "2025-11-12T21:31:03Z",
  "published": "2025-05-09T09:33:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37883"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/28e5a867aa542e369e211c2baba7044228809a99"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/397254706eba9d8f99fd237feede7ab3169a7f9a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3b3aa72636a6205933609ec274a8747720c1ee3f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3db42c75a921854a99db0a2775814fef97415bac"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e1e00dc45648125ef7cb87ebc3b581ac224e7b39"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f69f8a93aacf6e99af7b1cc992d8ca2cc07b96fb"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2C9Q-JGX6-2QX7

Vulnerability from github – Published: 2024-04-23 09:30 – Updated: 2024-07-03 18:36
VLAI
Details

QuickJS before c4cdd61 has a build_for_in_iterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-48183"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-23T07:15:42Z",
    "severity": "HIGH"
  },
  "details": "QuickJS before c4cdd61 has a build_for_in_iterator NULL pointer dereference because of an erroneous lexical scope of \"this\" with eval.",
  "id": "GHSA-2c9q-jgx6-2qx7",
  "modified": "2024-07-03T18:36:36Z",
  "published": "2024-04-23T09:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48183"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bellard/quickjs/issues/192"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bellard/quickjs/commit/c4cdd61a3ed284cd760faf6b00bbf0cb908da077"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2CFF-2PFQ-X5V9

Vulnerability from github – Published: 2022-05-14 01:20 – Updated: 2022-05-14 01:20
VLAI
Details

poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the perf_test utility will crash (segmentation fault) when parsing an invalid PDF file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-9083"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-05-19T16:29:00Z",
    "severity": "MODERATE"
  },
  "details": "poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the perf_test utility will crash (segmentation fault) when parsing an invalid PDF file.",
  "id": "GHSA-2cff-2pfq-x5v9",
  "modified": "2022-05-14T01:20:24Z",
  "published": "2022-05-14T01:20:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9083"
    },
    {
      "type": "WEB",
      "url": "https://bugs.freedesktop.org/show_bug.cgi?id=101084"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201801-17"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.