CVE-2023-34872

5.5 MEDIUM

Published: July 31, 2023 Modified: November 04, 2025

Description

A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://gitlab.freedesktop.org/poppler/poppler/-/commit/591235c8b6c65a2eee88991b9ae73490fd9afdfe

Source: cve@mitre.org

Patch

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399

Source: cve@mitre.org

Exploit Issue Tracking Vendor Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3XXL3L6RJOTLGCN7GLH2OLLNF4FJ4T7I/

Source: cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ3NYJ43U2MA7COKGMJDARZUAAOP45D4/

Source: cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFBT75QHBWNMSDAHSXZQ2I3PBJWID36K/

Source: cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3H3GOWFE3C7543GMEN7LY4GWMWJ7D2G/

Source: cve@mitre.org

https://gitlab.freedesktop.org/poppler/poppler/-/commit/591235c8b6c65a2eee88991b9ae73490fd9afdfe