CVE-2022-37052

Опубликовано: 22 авг. 2023

Источник: debian

EPSS Низкий

Описание

A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject.

Пакет	Статус	Версия исправления	Релиз	Тип
poppler	fixed	22.08.0-2		package
poppler	no-dsa		buster	package

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278
Fixed by: https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c (poppler-22.08.0)

EPSS

Процентиль: 6%

0.00027

Низкий

CVE-2022-37052

CVSS3: 6.5

ubuntu

больше 2 лет назад

A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject.

CVE-2022-37052

CVSS3: 6.5

redhat

больше 3 лет назад

A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject.

CVE-2022-37052

CVSS3: 6.5

nvd

больше 2 лет назад

A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject.

GHSA-527m-pccf-wf58

CVSS3: 6.5

github

больше 2 лет назад

A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject.

BDU:2023-05860

CVSS3: 6.5

fstec

больше 2 лет назад

Уязвимость компонента Object::getString библиотеки для рендеринга PDF-файлов Poppler, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 6%

0.00027

Низкий