Untriaged
Permalink
CVE-2024-6239
6.5 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): HIGH
Poppler: pdfinfo: crash in broken documents when using -dests parameter
A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.
References
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_transferred x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT x_transferred
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_transferred x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:5305 vendor-advisory x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- RHBZ#2293594 issue-tracking x_refsource_REDHAT x_transferred
- https://access.redhat.com/security/cve/CVE-2024-6239 x_transferred x_refsource_REDHAT vdb-entry
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- RHSA-2024:5305 vendor-advisory x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_transferred x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:5305 vendor-advisory x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_transferred x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:5305 vendor-advisory x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_transferred x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:5305 vendor-advisory x_refsource_REDHAT
- RHSA-2024:9167 vendor-advisory x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_transferred x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT x_transferred
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- RHSA-2024:5305 vendor-advisory x_refsource_REDHAT
- RHSA-2024:9167 vendor-advisory x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_transferred x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:9167 vendor-advisory x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- RHSA-2024:5305 vendor-advisory x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_transferred x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:5305 vendor-advisory x_refsource_REDHAT
- RHSA-2024:9167 vendor-advisory x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_transferred x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:5305 vendor-advisory x_refsource_REDHAT
- RHSA-2024:9167 vendor-advisory x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_transferred x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT x_transferred
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- RHSA-2024:5305 vendor-advisory x_refsource_REDHAT
- RHSA-2024:9167 vendor-advisory x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_transferred x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:5305 vendor-advisory x_refsource_REDHAT
- RHSA-2024:9167 vendor-advisory x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_transferred x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:5305 vendor-advisory x_refsource_REDHAT
- RHSA-2024:9167 vendor-advisory x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2024-6239 x_transferred x_refsource_REDHAT vdb-entry
- RHBZ#2293594 issue-tracking x_refsource_REDHAT x_transferred
Affected products
poppler
- =<24.06.1
- *
compat-poppler022
gimp:flatpak/poppler
- *
inkscape:flatpak/poppler
- *
libreoffice:flatpak/poppler
- *
Matching in nixpkgs
pkgs.poppler_gi
PDF rendering library
-
nixos-unstable -
- nixpkgs-unstable 25.07.0
pkgs.poppler_min
PDF rendering library
-
nixos-unstable -
- nixpkgs-unstable 25.07.0
pkgs.poppler_data
Encoding files for Poppler, a PDF rendering library
-
nixos-unstable -
- nixpkgs-unstable 0.4.12
pkgs.poppler_utils
PDF rendering library
-
nixos-unstable -
- nixpkgs-unstable 25.07.0
pkgs.libsForQt5.poppler
PDF rendering library
-
nixos-unstable -
- nixpkgs-unstable qt5-25.07.0
pkgs.kdePackages.poppler
PDF rendering library
-
nixos-unstable -
- nixpkgs-unstable qt6-25.07.0
pkgs.qt6Packages.poppler
PDF rendering library
-
nixos-unstable -
- nixpkgs-unstable qt6-25.07.0
pkgs.plasma5Packages.poppler
PDF rendering library
-
nixos-unstable -
- nixpkgs-unstable qt5-25.07.0
pkgs.haskellPackages.gi-poppler
Poppler bindings
-
nixos-unstable -
- nixpkgs-unstable 0.18.30
pkgs.python312Packages.poppler-qt5
None
-
nixos-unstable -
- nixpkgs-unstable qt5-21.3.0
pkgs.python313Packages.poppler-qt5
None
-
nixos-unstable -
- nixpkgs-unstable qt5-21.3.0
pkgs.python312Packages.python-poppler
Python binding to poppler-cpp
-
nixos-unstable -
- nixpkgs-unstable 0.4.1
pkgs.python313Packages.python-poppler
Python binding to poppler-cpp
-
nixos-unstable -
- nixpkgs-unstable 0.4.1
pkgs.tests.pkg-config.defaultPkgConfigPackages.poppler-glib
Test whether poppler-glib-25.07.0 exposes pkg-config modules poppler-glib
Package maintainers
-
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
-
@jtojnar Jan Tojnar <jtojnar@gmail.com>
-
@onny Jonas Heinrich <onny@project-insanity.org>