{"schema_version":"1.7.2","id":"OESA-2024-1813","modified":"2024-07-05T11:08:27Z","published":"2024-07-05T11:08:27Z","upstream":["CVE-2024-6239"],"summary":"poppler security update","details":"Poppler is a free software utility library for rendering Portable Document Format (PDF) documents. \\ Its development is supported by freedesktop.org. It is commonly used on Linux systems,and is used by \\ the PDF viewers of the open source GNOME and KDE desktop environments.\r\n\r\nSecurity Fix(es):\r\n\r\nA flaw was found in the Poppler\u0026apos;s Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.(CVE-2024-6239)","affected":[{"package":{"ecosystem":"openEuler:22.03-LTS-SP4","name":"poppler","purl":"pkg:rpm/openEuler/poppler\u0026distro=openEuler-22.03-LTS-SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.90.0-8.oe2203sp4"}]}],"ecosystem_specific":{"aarch64":["poppler-0.90.0-8.oe2203sp4.aarch64.rpm","poppler-cpp-0.90.0-8.oe2203sp4.aarch64.rpm","poppler-cpp-devel-0.90.0-8.oe2203sp4.aarch64.rpm","poppler-debuginfo-0.90.0-8.oe2203sp4.aarch64.rpm","poppler-debugsource-0.90.0-8.oe2203sp4.aarch64.rpm","poppler-devel-0.90.0-8.oe2203sp4.aarch64.rpm","poppler-glib-0.90.0-8.oe2203sp4.aarch64.rpm","poppler-glib-devel-0.90.0-8.oe2203sp4.aarch64.rpm","poppler-qt5-0.90.0-8.oe2203sp4.aarch64.rpm","poppler-qt5-devel-0.90.0-8.oe2203sp4.aarch64.rpm","poppler-utils-0.90.0-8.oe2203sp4.aarch64.rpm"],"noarch":["poppler-glib-doc-0.90.0-8.oe2203sp4.noarch.rpm","poppler-help-0.90.0-8.oe2203sp4.noarch.rpm"],"src":["poppler-0.90.0-8.oe2203sp4.src.rpm"],"x86_64":["poppler-0.90.0-8.oe2203sp4.x86_64.rpm","poppler-cpp-0.90.0-8.oe2203sp4.x86_64.rpm","poppler-cpp-devel-0.90.0-8.oe2203sp4.x86_64.rpm","poppler-debuginfo-0.90.0-8.oe2203sp4.x86_64.rpm","poppler-debugsource-0.90.0-8.oe2203sp4.x86_64.rpm","poppler-devel-0.90.0-8.oe2203sp4.x86_64.rpm","poppler-glib-0.90.0-8.oe2203sp4.x86_64.rpm","poppler-glib-devel-0.90.0-8.oe2203sp4.x86_64.rpm","poppler-qt5-0.90.0-8.oe2203sp4.x86_64.rpm","poppler-qt5-devel-0.90.0-8.oe2203sp4.x86_64.rpm","poppler-utils-0.90.0-8.oe2203sp4.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1813"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-6239"}],"database_specific":{"severity":"High"}}