CVE-2022-37052
Summary
| CVE | CVE-2022-37052 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2023-08-22 19:16:00 UTC |
|---|
| Updated | 2023-08-25 20:17:00 UTC |
|---|
| Description | A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject. |
|---|
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|
| Application |
Freedesktop |
Poppler |
22.07.0 |
All |
All |
All |
References
| Reference | Source | Link | Tags |
|---|
| SIGABRT at poppler/gmem.h:170 (#1278) · Issues · poppler / poppler · GitLab |
MISC |
gitlab.freedesktop.org |
|
| pdfseparate: Account for XRef::add failing because we run out of memory (86775003) · Commits · poppler / poppler · GitLab |
MISC |
gitlab.freedesktop.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 199944 Ubuntu Security Notification for poppler Vulnerabilities (USN-6508-1)
- 755190 SUSE Enterprise Linux Security Update for poppler (SUSE-SU-2023:4270-1)
- 755219 SUSE Enterprise Linux Security Update for poppler (SUSE-SU-2023:4363-1)
- 755220 SUSE Enterprise Linux Security Update for poppler (SUSE-SU-2023:4362-1)
- 755334 SUSE Enterprise Linux Security Update for poppler (SUSE-SU-2023:4562-1)
