Jump to:

CVE-2023-34872

Jump to:

CVE-2023-34872

Package poppler-current updated to version 23.08.0-alt1 for branch p10 in task 338453.

Published: 2023-07-31
Modified: 2024-11-21

CVE-2023-34872

A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

https://gitlab.freedesktop.org/poppler/poppler/-/commit/591235c8b6c65a2eee88991b9ae73490fd9afdfe
https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399
FEDORA-2023-f0be0daaa5
FEDORA-2023-6b20b7807a
FEDORA-2023-4285cca9bf
FEDORA-2023-4eff9e2cd6
https://gitlab.freedesktop.org/poppler/poppler/-/commit/591235c8b6c65a2eee88991b9ae73490fd9afdfe
FEDORA-2023-4eff9e2cd6
FEDORA-2023-4285cca9bf
FEDORA-2023-6b20b7807a
FEDORA-2023-f0be0daaa5
https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399

Version: 2.1.0

Package poppler-current update in p10 on 2024-02-01

ALT-PU-2024-1289-5

Closed vulnerabilities

CVE-2023-34872