ALT-PU-2024-1906-1
Package poppler-current updated to version 23.08.0-alt3 for branch sisyphus_e2k.
Closed vulnerabilities
Published: 2023-07-31
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2023-34872
A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- https://gitlab.freedesktop.org/poppler/poppler/-/commit/591235c8b6c65a2eee88991b9ae73490fd9afdfe
- https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399
- FEDORA-2023-f0be0daaa5
- FEDORA-2023-6b20b7807a
- FEDORA-2023-4285cca9bf
- FEDORA-2023-4eff9e2cd6
- https://gitlab.freedesktop.org/poppler/poppler/-/commit/591235c8b6c65a2eee88991b9ae73490fd9afdfe
- FEDORA-2023-4eff9e2cd6
- FEDORA-2023-4285cca9bf
- FEDORA-2023-6b20b7807a
- FEDORA-2023-f0be0daaa5
- https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399