CVE-2020-35702

EUVD-2020-23360

25.12.2020, 02:15

DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones in late December 2020, not the 20.12.1 release. In this situation, it should NOT be considered a Poppler vulnerability. However, several third-party Open Source projects directly rely on Poppler git clones made at arbitrary times, and therefore the CVE remains useful to users of those projects

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.8 HIGH	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 62%

Affected Products (NVD)

Vendor	Product	Version
freedesktop	poppler	20.12.1

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

poppler

bookworm	22.12.0-2 fixed
bullseye	20.09.0-3.1+deb11u1 fixed
bullseye (security)	20.09.0-3.1+deb11u1 fixed
sid	24.08.0-3 fixed
trixie	24.08.0-3 fixed

Ubuntu Releases

Ubuntu Product

Codename

poppler

bionic	not-affected
focal	not-affected
groovy	not-affected
trusty	dne
xenial	not-affected

Known Exploits!

Common Weakness Enumeration

CWE-787 - Out-of-bounds Write
The software writes data past the end, or before the beginning, of the intended buffer.

References

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1011