Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-34503HistoryJul 22, 2022 - 3:15 p.m.
CVE-2022-34503
2022-07-2215:15:08
Debian Security Bug Tracker
security-tracker.debian.org
26
qpdf
v8.4.2
heap buffer overflow
denial of service
pdf file
unix
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
31.4%
QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | qpdf | < 9.0.0-1 | qpdf_9.0.0-1_all.deb |
| Debian | 11 | all | qpdf | < 9.0.0-1 | qpdf_9.0.0-1_all.deb |
| Debian | 999 | all | qpdf | < 9.0.0-1 | qpdf_9.0.0-1_all.deb |
| Debian | 13 | all | qpdf | < 9.0.0-1 | qpdf_9.0.0-1_all.deb |
Related
osv
osv
CVE-2022-34503
2022-07-22 15:15:08
redhatcve
redhatcve
CVE-2022-34503
2022-07-27 04:55:00
prion
prion
Heap overflow
2022-07-22 15:15:00
nessus
nessus
Amazon Linux 2 : qpdf (ALAS-2023-2099)
2023-07-01 00:00:00
SUSE SLES12 Security Update : qpdf (SUSE-SU-2022:2669-1)
2022-08-05 00:00:00
SUSE SLES15 Security Update : qpdf (SUSE-SU-2022:2670-1)
2022-08-05 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-07-25 10:24:10
cvelist
cvelist
CVE-2022-34503
2022-07-22 14:17:21
cve
cve
CVE-2022-34503
2022-07-22 15:15:08
ubuntucve
ubuntucve
CVE-2022-34503
2022-07-22 00:00:00
amazon
amazon
Medium: qpdf
2023-06-21 19:11:00
nvd
nvd
CVE-2022-34503
2022-07-22 15:15:08
suse
suse
Security update for qpdf (important)
2022-08-04 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:2670-1)
2022-08-05 00:00:00
openSUSE: Security Advisory for qpdf (SUSE-SU-2022:2670-1)
2022-08-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:2669-1)
2022-08-05 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
31.4%
Related for DEBIANCVE:CVE-2022-34503