PT-2023-5944 · Poppler+4 · Poppler+4

Published: 2023-08-11 · Updated: 2023-12-08 · CVE-2020-23804

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Poppler version 0.89.0

Description

The issue is related to uncontrolled recursion in the Poppler library for rendering PDF files. This can be exploited by a remote attacker to cause a denial of service via crafted input. The vulnerability affects the pdfinfo and pdftops components.

Recommendations

For Poppler version 0.89.0, consider disabling the pdfinfo and pdftops functions until a patch is available to prevent potential denial of service attacks.

Exploit

Fix

DoS

Improper Resource Release

NULL Pointer Dereference

Uncontrolled Recursion

Weakness Enumeration

Related Identifiers

BDU:2023-06640
BDU:2023-06641
CVE-2020-23804
DLA-3620-1
OESA-2023-1561
OESA-2023-1611
OESA-2023-1612
OESA-2023-1613
OPENSUSE-SU-2023_3983-1
OPENSUSE-SU-2023_3998-1
SUSE-SU-2023:3981-1
SUSE-SU-2023:3982-1
SUSE-SU-2023:3983-1
SUSE-SU-2023:3998-1
SUSE-SU-2023_3981-1
SUSE-SU-2023_3982-1
SUSE-SU-2023_3983-1
SUSE-SU-2023_3998-1
USN-6508-1
USN-6508-2

Affected Products

Astra Linux
Linuxmint
Poppler
Suse
Ubuntu