Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:3981-1

Опубликовано: 05 окт. 2023
Источник: suse-cvrf

Описание

Security update for poppler

This update for poppler fixes the following issues:

  • CVE-2020-23804: Fixed uncontrolled recursion in pdfinfo and pdftops (bsc#1215422).
  • CVE-2020-36024: Fixed NULL Pointer Deference in FoFiType1C:convertToType1 (bsc#1214257).
  • CVE-2022-37050: Fixed denial-of-service via savePageAs in PDFDoc.c (bsc#1214622).
  • CVE-2022-38349: Fixed reachable assertion in Object.h that will lead to denial of service (bsc#1214618).

Список пакетов

SUSE Linux Enterprise Software Development Kit 12 SP5
libpoppler44-0.24.4-14.36.2

Ссылки

Описание

Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input.

Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP5:libpoppler44-0.24.4-14.36.2
Ссылки

Описание

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.

Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP5:libpoppler44-0.24.4-14.36.2
Ссылки

Описание

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662.

Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP5:libpoppler44-0.24.4-14.36.2
Ссылки

Описание

An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file.

Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP5:libpoppler44-0.24.4-14.36.2
Ссылки