Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-37050

Опубликовано: 22 авг. 2023
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 6.5

Описание

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662.

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

not-affected

esm-infra/bionic

released

0.62.0-2ubuntu2.14+esm2
esm-infra/focal

released

0.86.1-0ubuntu1.4
esm-infra/xenial

released

0.41.0-0ubuntu1.16+esm4
focal

released

0.86.1-0ubuntu1.4
jammy

released

22.02.0-2ubuntu0.3
lunar

not-affected

22.12.0-2ubuntu1
mantic

not-affected

trusty

ignored

end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 20%
0.00064
Низкий

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-37050

CVSS3: 6.5
redhat
больше 3 лет назад

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662.

nvd логотип

CVE-2022-37050

CVSS3: 6.5
nvd
больше 2 лет назад

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662.

debian логотип

CVE-2022-37050

CVSS3: 6.5
debian
больше 2 лет назад

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers t ...

github логотип

GHSA-j6x9-fqfr-79q4

CVSS3: 6.5
github
больше 2 лет назад

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662.

fstec логотип

BDU:2023-05858

CVSS3: 6.5
fstec
больше 2 лет назад

Уязвимость библиотеки для рендеринга PDF-файлов Poppler, связанная с неправильным завершением работы ресурса или его высвобождением, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 20%
0.00064
Низкий

6.5 Medium

CVSS3