CVE-2020-20740

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-20740
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-20740.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-20740
Downstream
Related
Published
2020-11-20T19:15:11Z
Modified
2025-10-21T05:45:30.817090Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdfgetversion().

References

Affected packages

Git / github.com/enferex/pdfresurrect

Affected ranges

Type
GIT
Repo
https://github.com/enferex/pdfresurrect
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
1b422459f07353adce2878806d5247d9e91fb397

Affected versions

v0.*

v0.12
v0.13
v0.14
v0.15
v0.16
v0.17
v0.18
v0.19
v0.20

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/enferex/pdfresurrect/commit/1b422459f07353adce2878806d5247d9e91fb397",
        "target": {
            "file": "pdf.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2020-20740-5e0d8d3f",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "62266750159890744348006957337408788746",
                "169195486734458732263106163246851784474",
                "153284992694108738737662845685979024342",
                "56903497598125699159788243737290767559",
                "77394035873851145772430697057605955968",
                "35693386764973465030921666185768141793",
                "282920137446285017441151096011442854157",
                "321748552386024178567483816130139264730",
                "72465639165843818648789851186588369287",
                "184660810464958331862803195382228611509",
                "271499173869166170498296605165084952622",
                "237757158540245183057252936505937644163",
                "64962517243295116239891511581128997676",
                "98078392315662333278268181732229513471",
                "50640456399914394826044555888067682661",
                "303887941082232755509845151854448062642",
                "211925282051974405174596615183286013494"
            ]
        }
    },
    {
        "source": "https://github.com/enferex/pdfresurrect/commit/1b422459f07353adce2878806d5247d9e91fb397",
        "target": {
            "function": "pdf_get_version",
            "file": "pdf.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2020-20740-c7c6c892",
        "signature_type": "Function",
        "digest": {
            "length": 353.0,
            "function_hash": "7694318883069593882664429430910905849"
        }
    },
    {
        "source": "https://github.com/enferex/pdfresurrect/commit/1b422459f07353adce2878806d5247d9e91fb397",
        "target": {
            "function": "pdf_is_pdf",
            "file": "pdf.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2020-20740-f0635895",
        "signature_type": "Function",
        "digest": {
            "length": 187.0,
            "function_hash": "181394584310099238219538178524145636982"
        }
    }
]