Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-34872

Опубликовано: 31 июл. 2023
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

A flaw was found in Poppler that allows a remote attacker to cause a Denial of Service (DoS) via a crafted PDF file in OutlineItem::open.

Отчет

Red Hat Enterprise Linux 6, 7, 8, and 9 are not affected by this CVE, as the vulnerable code is not present in RHEL.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6popplerNot affected
Red Hat Enterprise Linux 7compat-poppler022Not affected
Red Hat Enterprise Linux 7popplerNot affected
Red Hat Enterprise Linux 8gimp:flatpak/popplerNot affected
Red Hat Enterprise Linux 8inkscape:flatpak/popplerNot affected
Red Hat Enterprise Linux 8libreoffice:flatpak/popplerNot affected
Red Hat Enterprise Linux 8popplerNot affected
Red Hat Enterprise Linux 9inkscape:flatpak/popplerNot affected
Red Hat Enterprise Linux 9libreoffice:flatpak/popplerNot affected
Red Hat Enterprise Linux 9popplerNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=2227884poppler: Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

EPSS

Процентиль: 41%
0.00191
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-34872

CVSS3: 5.5
ubuntu
больше 2 лет назад

A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

nvd логотип

CVE-2023-34872

CVSS3: 5.5
nvd
больше 2 лет назад

A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

debian логотип

CVE-2023-34872

CVSS3: 5.5
debian
больше 2 лет назад

A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a re ...

suse-cvrf логотип

SUSE-SU-2023:4291-1

suse-cvrf
около 2 лет назад

Security update for poppler

github логотип

GHSA-77j7-vm29-rwwv

CVSS3: 5.5
github
больше 2 лет назад

A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

EPSS

Процентиль: 41%
0.00191
Низкий

5.5 Medium

CVSS3