CVE-2020-27778

Опубликовано: 22 мар. 2019

Источник: redhat

CVSS3: 7.5

Описание

A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service.

A flaw was found in Poppler in the way certain PDF files were converted into HTML. This flaw allows a remote attacker to provide a malicious PDF file that, when processed by the 'pdftohtml' program, crashes the application, causing a denial of service. The highest threat from this vulnerability is to system availability.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	poppler	Out of support scope
Red Hat Enterprise Linux 6	poppler	Out of support scope
Red Hat Enterprise Linux 7	poppler	Out of support scope
Red Hat Enterprise Linux 8	evince	Fixed	RHSA-2021:1881	18.05.2021
Red Hat Enterprise Linux 8	poppler	Fixed	RHSA-2021:1881	18.05.2021

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-824

https://bugzilla.redhat.com/show_bug.cgi?id=1900712poppler: pdftohtml: access to uninitialized pointer could lead to DoS

7.5 High

CVSS3

Связанные уязвимости

CVE-2020-27778

CVSS3: 7.5

ubuntu

около 5 лет назад

CVE-2020-27778

CVSS3: 7.5

nvd

около 5 лет назад

CVE-2020-27778

CVSS3: 7.5

debian

около 5 лет назад

A flaw was found in Poppler in the way certain PDF files were converte ...

RLSA-2021:1881

rocky

больше 4 лет назад

Moderate: poppler and evince security, bug fix, and enhancement update

GHSA-9f25-w4h3-5q5x

CVSS3: 7.5

github

больше 3 лет назад

7.5 High

CVSS3