openSUSE 15 Security Update : poppler (SUSE-SU-2023:4270-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4270-1 advisory. - An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readTextRegion located in JBIG2Stream.cc, can be triggered by...

The vulnerability in the Object::getString component of the Poppler PDF rendering library allows a attacker to cause a service failure.

The vulnerability of the Object::getString component in the Poppler PDF rendering library is related to the insufficient use of the assert function. Exploiting this vulnerability may allow an attacker to cause a service failure...

ROS-20230918-04

A vulnerability in the Poppler PDF rendering library is related to the lack of thread checking before saving the embedded main function file in pdfunite.cc. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the Poppler PDF...

SUSE CVE-2022-37052

A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject...

CVE-2022-37052

A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject...

UBUNTU-CVE-2022-37052

A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. A reachable Object::getString assertion allows attackers to cause a denial of service due to a failure in markObject. Details Denial of Service DoS describes a family of attacks, all aimed at making a system...

CVE-2022-37052

CVE-2022-37052 affects Poppler (PDF rendering) with a reachable Object::getString assertion in version 22.07.0, allowing denial of service via a failure in markObject. Connected sources indicate multiple advisories (Debian DLA-4141, Nessus/RHEL advisories) acknowledge this as part of a family of ...

Freedesktop Poppler 安全漏洞

Freedesktop Poppler is a Freedesktop community C++ class library for generating PDFs, which is inherited from Xpdf PDF reader. A security vulnerability exists in Freedesktop Poppler version 22.07.0, which stems from the presence of reachable assertions in Object::getString...

CVE-2022-37052

A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject...

RHEL 8 : poppler (RHSA-2019:2713)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2713 advisory. Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: heap-based buffer...

Design/Logic Flaw

A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.c...

CVE-2018-20551

A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.c...

Poppler Object::getString reachable assertion vulnerability

Poppler is based on xpdf-3.0 code base PDF rendering library. Poppler 0.72.0 exists Object::getString there is a reachable assertion vulnerability , the vulnerability stems from the Annot.c in the AnnotRichMedia class to build invalid rich media annotated assets , an attacker can use the...

CVE-2018-20551

A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.c...

UBUNTU-CVE-2018-20551

A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.c...