An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.
References
Link | Resource |
---|---|
https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016 | Exploit Issue Tracking Patch |
https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html | Mailing List Third Party Advisory |
Configurations
History
17 Aug 2023, 02:09
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html - Mailing List, Third Party Advisory | |
References | (MISC) https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016 - Exploit, Issue Tracking, Patch | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CWE | CWE-476 | |
CPE | cpe:2.3:a:freedesktop:poppler:20.12.1:*:*:*:*:*:*:* |
14 Aug 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
11 Aug 2023, 15:18
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-11 14:15
Updated : 2024-02-05 00:01
NVD link : CVE-2020-36024
Mitre link : CVE-2020-36024
CVE.ORG link : CVE-2020-36024
JSON object : View
Products Affected
freedesktop
- poppler
CWE
CWE-476
NULL Pointer Dereference