First published: Fri Aug 11 2023(Updated: )
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
ubuntu/poppler | <21.01.0 | 21.01.0 |
ubuntu/poppler | <0.62.0-2ubuntu2.14+ | 0.62.0-2ubuntu2.14+ |
ubuntu/poppler | <0.86.1-0ubuntu1.3 | 0.86.1-0ubuntu1.3 |
ubuntu/poppler | <0.41.0-0ubuntu1.16+ | 0.41.0-0ubuntu1.16+ |
freedesktop poppler | =20.12.1 | |
=20.12.1 | ||
debian/poppler | <=0.71.0-5<=20.09.0-3.1+deb11u1 | 0.71.0-5+deb10u3 22.12.0-2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-36024 is a vulnerability in freedesktop poppler version 20.12.1 that allows remote attackers to cause a denial of service (DoS) through a crafted .pdf file.
CVE-2020-36024 has a severity rating of 5.5 (Medium).
To fix CVE-2020-36024 in freedesktop poppler version 20.12.1, you need to update to a patched version.
You can find more information about CVE-2020-36024 at the following references: [Reference 1](https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016), [Reference 2](https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html), [Reference 3](https://launchpad.net/bugs/cve/CVE-2020-36024).
The Common Weakness Enumeration (CWE) ID for CVE-2020-36024 is 476.