CVE-2020-20740
Published: 20 November 2020
PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdf_get_version().
Priority
Unknown
CVSS 3 base score: 7.8
Status
| Package | Release | Status |
|---|---|---|
|
pdfresurrect Launchpad, Ubuntu, Debian |
Upstream |
Released
(0.21-1)
|
| Ubuntu 21.04 (Hirsute Hippo) |
Not vulnerable
|
|
| Ubuntu 20.10 (Groovy Gorilla) |
Not vulnerable
(0.21-1)
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Needs triage
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Needs triage
|
|
| Ubuntu 16.04 LTS (Xenial Xerus) |
Needs triage
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20740
- https://github.com/enferex/pdfresurrect/commit/1b422459f07353adce2878806d5247d9e91fb397 (v0.21)
- https://github.com/enferex/pdfresurrect/issues/14
- https://github.com/enferex/pdfresurrect/commit/1b422459f07353adce2878806d5247d9e91fb397
- NVD
- Launchpad
- Debian