First published: Fri Aug 11 2023(Updated: )
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
ubuntu/poppler | <21.01.0 | 21.01.0 |
ubuntu/poppler | <0.62.0-2ubuntu2.14+ | 0.62.0-2ubuntu2.14+ |
ubuntu/poppler | <0.86.1-0ubuntu1.3 | 0.86.1-0ubuntu1.3 |
ubuntu/poppler | <0.41.0-0ubuntu1.16+ | 0.41.0-0ubuntu1.16+ |
freedesktop poppler | =20.12.1 | |
=20.12.1 | ||
debian/poppler | <=0.71.0-5<=20.09.0-3.1+deb11u1 | 0.71.0-5+deb10u3 22.12.0-2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-36023 is a vulnerability discovered in freedesktop poppler version 20.12.1.
CVE-2020-36023 allows remote attackers to cause a denial of service (DoS) through a crafted .pdf file.
freedesktop poppler version 20.12.1 is affected by CVE-2020-36023.
The severity of CVE-2020-36023 is medium (CVSS score of 6.5).
To mitigate CVE-2020-36023, it is recommended to update to poppler version 0.62.0-2ubuntu2.14+ or higher.