CVE-2023-34872

Опубликовано: 31 июл. 2023

Источник: debian

EPSS Низкий

Описание

A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
poppler	fixed	23.08.0-1	experimental	package
poppler	fixed	24.02.0-2		package
poppler	fixed	22.12.0-2+deb12u1	bookworm	package
poppler	not-affected		bullseye	package
poppler	not-affected		buster	package

Примечания

Introduced by: https://gitlab.freedesktop.org/poppler/poppler/-/commit/fa494b780ab69ef04ba7447ab6d8fc3b46373e59 (poppler-21.08.0)
Fixed by: https://gitlab.freedesktop.org/poppler/poppler/-/commit/591235c8b6c65a2eee88991b9ae73490fd9afdfe (poppler-23.06.0)
https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399

EPSS

Процентиль: 38%

0.00166

Низкий

Связанные уязвимости

CVE-2023-34872

CVSS3: 5.5

ubuntu

больше 2 лет назад

A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

CVE-2023-34872

CVSS3: 5.5

redhat

больше 2 лет назад

A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

CVE-2023-34872

CVSS3: 5.5

nvd

больше 2 лет назад

A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

SUSE-SU-2023:4291-1

suse-cvrf

около 2 лет назад

Security update for poppler

GHSA-77j7-vm29-rwwv

CVSS3: 5.5

github

больше 2 лет назад

A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

EPSS

Процентиль: 38%

0.00166

Низкий