Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-36024

Опубликовано: 11 авг. 2023
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.

A flaw was found in the Poppler package. This flaw allows attackers to possibly cause a denial of service via a crafted .pdf file to the FoFiType1C::convertToType1 function.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6popplerOut of support scope
Red Hat Enterprise Linux 7popplerOut of support scope
Red Hat Enterprise Linux 8gimp:flatpak/popplerAffected
Red Hat Enterprise Linux 8inkscape:flatpak/popplerWill not fix
Red Hat Enterprise Linux 8libreoffice:flatpak/popplerWill not fix
Red Hat Enterprise Linux 9inkscape:flatpak/popplerWill not fix
Red Hat Enterprise Linux 9libreoffice:flatpak/popplerWill not fix
Red Hat Enterprise Linux 9popplerNot affected
Red Hat Enterprise Linux 8popplerFixedRHSA-2024:297922.05.2024

Показывать по

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=2231520poppler: NULL pointer dereference in `FoFiType1C::convertToType1`

EPSS

Процентиль: 37%
0.00156
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVSS3: 5.5
ubuntu
около 2 лет назад

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.

CVSS3: 5.5
nvd
около 2 лет назад

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.

CVSS3: 5.5
debian
около 2 лет назад

An issue was discovered in freedesktop poppler version 20.12.1, allows ...

rocky
3 месяца назад

Moderate: poppler security update

CVSS3: 5.5
github
около 2 лет назад

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.

EPSS

Процентиль: 37%
0.00156
Низкий

5.5 Medium

CVSS3