CVE-2020-9359
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-9359
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-9359.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-9359
- Downstream
- Related
- Published
- 2020-03-24T14:15:13Z
- Modified
- 2025-10-15T12:24:12.988798Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L CVSS Calculator
- Summary
- [none]
- Details
-
KDE Okular before 1.10.0 allows code execution via an action link in a PDF document.
- References
-
- https://invent.kde.org/kde/okular/-/commit/6a93a033b4f9248b3cd4d04689b8391df754e244
- https://kde.org/info/security/advisory-20200312-1.txt
- https://lists.debian.org/debian-lts-announce/2020/03/msg00033.html
- https://lists.debian.org/debian-lts-announce/2021/12/msg00019.html
- https://security.gentoo.org/glsa/202007-47
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2TY3O6UWX2XTP7PISPTZ6FYRDFU4UF66/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AW6GJ3AKGXOMTDHNZBMSXDTWNJJRFBDH/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G3HL3F6JLCSRLPFZ47735F5STPJWDVR4/
Affected packages
Git / github.com/kde/okular
Database specific
vanir_signatures
[
{
"digest": {
"function_hash": "26823166276780174318208233458442789712",
"length": 727.0
},
"signature_type": "Function",
"target": {
"function": "PagePrivate::imageRotationDone",
"file": "core/page.cpp"
},
"deprecated": false,
"source": "https://github.com/kde/okular/commit/81c005710cdbb23f9ed9ebcc4aee4db69d33434d",
"signature_version": "v1",
"id": "CVE-2020-9359-00a4aafa"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"103477504479933573462645002385604803675",
"174608747667283521650042549385698051925",
"336346411585471588962494241290132846721",
"106443721749238156279133402094561450340",
"152334232973350142638199216814253405009",
"260759493130988424377960062138205595341",
"130747372222879974200963138800771149558",
"25975057783018457561650396263621492751",
"146460686465375423733051567751044411027",
"49875568837799417773098985493878237559",
"210122222813725661431340495021618530640",
"9294599941181623443229732043776791921",
"101842513946858533376564493503601166395",
"3192522789925630668787452212783594524",
"236299577573811057078399850161616446577"
]
},
"signature_type": "Line",
"target": {
"file": "core/page.cpp"
},
"deprecated": false,
"source": "https://github.com/kde/okular/commit/81c005710cdbb23f9ed9ebcc4aee4db69d33434d",
"signature_version": "v1",
"id": "CVE-2020-9359-5c9e0945"
},
{
"digest": {
"function_hash": "55452390609546155863547246059151910967",
"length": 679.0
},
"signature_type": "Function",
"target": {
"function": "Page::hasPixmap",
"file": "core/page.cpp"
},
"deprecated": false,
"source": "https://github.com/kde/okular/commit/81c005710cdbb23f9ed9ebcc4aee4db69d33434d",
"signature_version": "v1",
"id": "CVE-2020-9359-7dcc545b"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"292196443006284438470786731231660970249",
"128579163328239113586340907204660594120",
"43136393125989925144730966015402196533",
"253142715234395562416841977251878011371"
]
},
"signature_type": "Line",
"target": {
"file": "core/page_p.h"
},
"deprecated": false,
"source": "https://github.com/kde/okular/commit/81c005710cdbb23f9ed9ebcc4aee4db69d33434d",
"signature_version": "v1",
"id": "CVE-2020-9359-a744e7a5"
},
{
"digest": {
"function_hash": "194474271673894041429572684263239600264",
"length": 914.0
},
"signature_type": "Function",
"target": {
"function": "PagePrivate::setPixmap",
"file": "core/page.cpp"
},
"deprecated": false,
"source": "https://github.com/kde/okular/commit/81c005710cdbb23f9ed9ebcc4aee4db69d33434d",
"signature_version": "v1",
"id": "CVE-2020-9359-b15c9847"
}
]