Published: 22/08/2023 Updated: 28/08/2023

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

An issue exists in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freedesktop poppler 22.08.0

An issue was discovered in freedesktop poppler version 20121, allows remote attackers to cause a denial of service (DoS) via crafted pdf file to FoFiType1C::cvtGlyph function (CVE-2020-36023) An issue was discovered in freedesktop poppler version 20121, allows remote attackers to cause a denial of service (DoS) via crafted pdf file to FoFiTy ...

CWE-617 https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282 https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2023-2281.html

CVE-2022-38349

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect