Denial of Service Vulnerability in Poppler by Freedesktop.org
CVE-2023-34872

5.5MEDIUM

Key Information:

Vendor: Freedesktop
Status: Poppler
Vendor: CVE Published:; 31 July 2023

🔔 Create Freedesktop Vulnerability Alert

What is CVE-2023-34872?

A vulnerability exists in Outline.cc for Poppler that allows a remote attacker to exploit a crafted PDF file, leading to a Denial of Service (DoS) situation. This flaw can cause the software to crash, affecting its availability and performance. Users are encouraged to update to the latest version to mitigate any risks associated with this vulnerability.

References

https://gitlab.freedesktop.org/poppler/poppler/-/commit/5...

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399

https://lists.fedoraproject.org/archives/list/package-ann...

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 31, 2023
Vulnerability Reserved
Jun 7, 2023