CVE-2024-6239

Опубликовано: 21 июн. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.

Ссылки

https://access.redhat.com/errata/RHSA-2024:5305
https://access.redhat.com/errata/RHSA-2024:9167
https://access.redhat.com/security/cve/CVE-2024-6239
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2293594
Issue Tracking
Patch
Third Party Advisory
https://access.redhat.com/security/cve/CVE-2024-6239
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2293594
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*

Версия до 24.06.0 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00403

Низкий

7.5 High

CVSS3

Дефекты

CWE-20

NVD-CWE-noinfo

Связанные уязвимости

CVE-2024-6239

CVSS3: 7.5

ubuntu

12 месяцев назад

CVE-2024-6239

CVSS3: 7.5

redhat

около 1 года назад

CVE-2024-6239

CVSS3: 7.5

debian

12 месяцев назад

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs w ...

SUSE-SU-2024:2334-1

suse-cvrf

12 месяцев назад

Security update for poppler

SUSE-SU-2024:2333-1

suse-cvrf

12 месяцев назад

Security update for poppler

EPSS

Процентиль: 60%

0.00403

Низкий

7.5 High

CVSS3

Дефекты

CWE-20

NVD-CWE-noinfo