Fluid Attacks Database

Description

A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	poppler	>=0 <24.02.0-2	24.02.0-2
debian 12	poppler	=22.12.0-2 \|\| >=0 <22.12.0-2+deb12u1	22.12.0-2+deb12u1
debian 13	poppler	>=0 <24.02.0-2	24.02.0-2

Aliases

1. CVE-2023-348722. NVD-2023-348723. OSV-DEBIAN-2023-348724. OSV-2023-348725. SECURITY-TRACKER-CVE-2023-34872

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.