CVE-2023-34872

Name
CVE-2023-34872
Description
A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://gitlab.freedesktop.org/poppler/poppler/-/commit/591235c8b6c65a2eee88991b9ae73490fd9afdfe
MISC https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399
cve@mitre.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFBT75QHBWNMSDAHSXZQ2I3PBJWID36K/
cve@mitre.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3H3GOWFE3C7543GMEN7LY4GWMWJ7D2G/
cve@mitre.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3XXL3L6RJOTLGCN7GLH2OLLNF4FJ4T7I/
cve@mitre.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ3NYJ43U2MA7COKGMJDARZUAAOP45D4/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:* poppler >= None < 23.06.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
poppler 3.18-main 23.05.0-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
poppler 3.17-main 22.11.0-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
poppler 3.16-main 22.05.0-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
poppler 3.15-main 21.11.0-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable