Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-37051HistoryAug 22, 2023 - 7:16 p.m.
CVE-2022-37051
2023-08-2219:16:23
Debian Security Bug Tracker
security-tracker.debian.org
7
poppler
denial of service
missing stream check
embedded file
unix
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.0005 Low
EPSS
Percentile
17.3%
An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | poppler | < 22.08.0-2 | poppler_22.08.0-2_all.deb |
| Debian | 11 | all | poppler | <= 20.09.0-3.1+deb11u1 | poppler_20.09.0-3.1+deb11u1_all.deb |
| Debian | 10 | all | poppler | < 0.71.0-5+deb10u3 | poppler_0.71.0-5+deb10u3_all.deb |
| Debian | 999 | all | poppler | < 22.08.0-2 | poppler_22.08.0-2_all.deb |
| Debian | 13 | all | poppler | < 22.08.0-2 | poppler_22.08.0-2_all.deb |
Related
prion
prion
Code injection
2023-08-22 19:16:00
osv
osv
CVE-2022-37051
2023-08-22 19:16:23
poppler - security update
2023-10-16 00:00:00
poppler vulnerabilities
2023-11-23 02:47:28
veracode
veracode
Denial Of Service (DoS)
2023-10-10 05:26:42
cvelist
cvelist
CVE-2022-37051
2023-08-22 00:00:00
cve
cve
CVE-2022-37051
2023-08-22 19:16:23
redhatcve
redhatcve
CVE-2022-37051
2023-08-24 19:15:35
ubuntucve
ubuntucve
CVE-2022-37051
2023-08-22 00:00:00
nvd
nvd
CVE-2022-37051
2023-08-22 19:16:23
debian
debian
[SECURITY] [DLA 3620-1] poppler security update
2023-10-16 11:41:36
openvas
openvas
Debian: Security Advisory (DLA-3620-1)
2023-10-17 00:00:00
openSUSE: Security Advisory for poppler (SUSE-SU-2023:3947-1)
2024-03-04 00:00:00
Ubuntu: Security Advisory (USN-6508-1)
2023-11-24 00:00:00
redos
redos
ROS-20230918-04
2023-09-18 00:00:00
nessus
nessus
Debian DLA-3620-1 : poppler - LTS security update
2023-10-16 00:00:00
ubuntu
ubuntu
poppler vulnerabilities
2023-11-23 00:00:00
poppler regression
2023-11-28 00:00:00
hp
hp
HP ThinPro 8.1 SP 2 Security Updates
2024-04-12 00:00:00
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.0005 Low
EPSS
Percentile
17.3%
Related for DEBIANCVE:CVE-2022-37051