Описание
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662.
A vulnerability was found in poppler, where PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | poppler | Out of support scope | ||
| Red Hat Enterprise Linux 7 | compat-poppler022 | Out of support scope | ||
| Red Hat Enterprise Linux 7 | poppler | Out of support scope | ||
| Red Hat Enterprise Linux 8 | cups-container | Not affected | ||
| Red Hat Enterprise Linux 8 | gimp-flatpak-container | Affected | ||
| Red Hat Enterprise Linux 8 | gimp:flatpak/poppler | Affected | ||
| Red Hat Enterprise Linux 8 | poppler | Affected | ||
| Red Hat Enterprise Linux 9 | cups-container | Not affected | ||
| Red Hat Enterprise Linux 9 | inkscape:flatpak/poppler | Affected | ||
| Red Hat Enterprise Linux 9 | libreoffice-flatpak-container | Will not fix |
Показывать по
Дополнительная информация
Статус:
6.5 Medium
CVSS3
Связанные уязвимости
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662.
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662.
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers t ...
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662.
Уязвимость библиотеки для рендеринга PDF-файлов Poppler, связанная с неправильным завершением работы ресурса или его высвобождением, позволяющая нарушителю вызвать отказ в обслуживании
6.5 Medium
CVSS3