Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-vr4e-q9gp-qbem
Summarypoppler: Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.
Aliases
0
alias CVE-2023-34872
Fixed_packages
0
url pkg:deb/debian/poppler@0?distro=trixie
purl pkg:deb/debian/poppler@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0%3Fdistro=trixie
1
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-48d5-zxmm-r3g4
1
vulnerability VCID-a8zz-dfdm-1uf7
2
vulnerability VCID-anb3-1s96-wbaq
3
vulnerability VCID-ygrf-gq35-fkfd
4
vulnerability VCID-yy6j-1h5z-wbgp
5
vulnerability VCID-yyxy-juya-a3f1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-48d5-zxmm-r3g4
1
vulnerability VCID-a8zz-dfdm-1uf7
2
vulnerability VCID-anb3-1s96-wbaq
3
vulnerability VCID-ygrf-gq35-fkfd
4
vulnerability VCID-yy6j-1h5z-wbgp
5
vulnerability VCID-yyxy-juya-a3f1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/poppler@24.02.0-2?distro=trixie
purl pkg:deb/debian/poppler@24.02.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@24.02.0-2%3Fdistro=trixie
4
url pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a8zz-dfdm-1uf7
1
vulnerability VCID-yy6j-1h5z-wbgp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie
5
url pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
purl pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-11.1%3Fdistro=trixie
Affected_packages
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34872.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34872.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-34872
reference_id
reference_type
scores
0
value 0.00166
scoring_system epss
scoring_elements 0.37707
published_at 2026-04-02T12:55:00Z
1
value 0.00166
scoring_system epss
scoring_elements 0.37593
published_at 2026-04-21T12:55:00Z
2
value 0.00166
scoring_system epss
scoring_elements 0.37732
published_at 2026-04-04T12:55:00Z
3
value 0.00166
scoring_system epss
scoring_elements 0.3761
published_at 2026-04-07T12:55:00Z
4
value 0.00166
scoring_system epss
scoring_elements 0.37661
published_at 2026-04-08T12:55:00Z
5
value 0.00166
scoring_system epss
scoring_elements 0.37675
published_at 2026-04-09T12:55:00Z
6
value 0.00166
scoring_system epss
scoring_elements 0.37689
published_at 2026-04-11T12:55:00Z
7
value 0.00166
scoring_system epss
scoring_elements 0.37655
published_at 2026-04-12T12:55:00Z
8
value 0.00166
scoring_system epss
scoring_elements 0.37627
published_at 2026-04-13T12:55:00Z
9
value 0.00166
scoring_system epss
scoring_elements 0.37674
published_at 2026-04-16T12:55:00Z
10
value 0.00166
scoring_system epss
scoring_elements 0.37656
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-34872
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042811
reference_id 1042811
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042811
4
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399
reference_id 1399
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-09T13:46:31Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2227884
reference_id 2227884
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2227884
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3XXL3L6RJOTLGCN7GLH2OLLNF4FJ4T7I/
reference_id 3XXL3L6RJOTLGCN7GLH2OLLNF4FJ4T7I
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-09T13:46:31Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3XXL3L6RJOTLGCN7GLH2OLLNF4FJ4T7I/
7
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/commit/591235c8b6c65a2eee88991b9ae73490fd9afdfe
reference_id 591235c8b6c65a2eee88991b9ae73490fd9afdfe
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-09T13:46:31Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/commit/591235c8b6c65a2eee88991b9ae73490fd9afdfe
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ3NYJ43U2MA7COKGMJDARZUAAOP45D4/
reference_id JQ3NYJ43U2MA7COKGMJDARZUAAOP45D4
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-09T13:46:31Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ3NYJ43U2MA7COKGMJDARZUAAOP45D4/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFBT75QHBWNMSDAHSXZQ2I3PBJWID36K/
reference_id SFBT75QHBWNMSDAHSXZQ2I3PBJWID36K
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-09T13:46:31Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFBT75QHBWNMSDAHSXZQ2I3PBJWID36K/
10
reference_url https://usn.ubuntu.com/6273-1/
reference_id USN-6273-1
reference_type
scores
url https://usn.ubuntu.com/6273-1/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3H3GOWFE3C7543GMEN7LY4GWMWJ7D2G/
reference_id W3H3GOWFE3C7543GMEN7LY4GWMWJ7D2G
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-09T13:46:31Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3H3GOWFE3C7543GMEN7LY4GWMWJ7D2G/
Weaknesses
0
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Exploits
Severity_range_score5.3 - 5.5
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-vr4e-q9gp-qbem