First published: Thu Aug 17 2023(Updated: )
It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-36023, CVE-2020-36024)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/libpoppler97 | <0.86.1-0ubuntu1.3 | 0.86.1-0ubuntu1.3 |
=20.04 | ||
All of | ||
ubuntu/libpoppler73 | <0.62.0-2ubuntu2.14+esm1 | 0.62.0-2ubuntu2.14+esm1 |
=18.04 | ||
All of | ||
ubuntu/libpoppler58 | <0.41.0-0ubuntu1.16+esm3 | 0.41.0-0ubuntu1.16+esm3 |
=16.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for the poppler vulnerability is CVE-2020-36023 and CVE-2020-36024.
The affected software for the poppler vulnerability is libpoppler97 (version 0.86.1-0ubuntu1.3) on Ubuntu 20.04, libpoppler73 (version 0.62.0-2ubuntu2.14+esm1) on Ubuntu 18.04, and libpoppler58 (version 0.41.0-0ubuntu1.16+esm3) on Ubuntu 16.04.
The poppler vulnerability can be exploited by tricking a user or an automated system into opening a specially crafted PDF file. This can potentially cause a denial of service.
To fix the poppler vulnerability, update libpoppler97 to version 0.86.1-0ubuntu1.3 on Ubuntu 20.04, libpoppler73 to version 0.62.0-2ubuntu2.14+esm1 on Ubuntu 18.04, and libpoppler58 to version 0.41.0-0ubuntu1.16+esm3 on Ubuntu 16.04.
You can find more information about the poppler vulnerability on the Ubuntu Security website or the provided reference links.