Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2023-3998-1.NASL
HistoryOct 07, 2023 - 12:00 a.m.

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : poppler (SUSE-SU-2023:3998-1)

2023-10-0700:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16
suse linux
security update
poppler
denial of service
remote attackers
vulnerability
pdf file
application crashes
sigabrt
cve-2020-23804
cve-2020-36024
cve-2022-37050
cve-2022-37051
cve-2022-38349

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.012 Low

EPSS

Percentile

85.5%

JSON

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3998-1 advisory.

  • Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input. (CVE-2020-23804)

  • An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function. (CVE-2020-36024)

  • In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662. (CVE-2022-37050)

  • An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file.
    (CVE-2022-37051)

  • An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file. (CVE-2022-38349)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2023:3998-1. The text itself
# is copyright (C) SUSE.
##

include('compat.inc');

if (description)
{
  script_id(182744);
  script_version("1.0");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/07");

  script_cve_id(
    "CVE-2020-23804",
    "CVE-2020-36024",
    "CVE-2022-37050",
    "CVE-2022-37051",
    "CVE-2022-38349"
  );
  script_xref(name:"SuSE", value:"SUSE-SU-2023:3998-1");

  script_name(english:"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : poppler (SUSE-SU-2023:3998-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are
affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3998-1 advisory.

  - Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial
    of service via crafted input. (CVE-2020-23804)

  - An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial
    of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function. (CVE-2020-36024)

  - In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service
    (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled
    in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of
    CVE-2018-20662. (CVE-2022-37050)

  - An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service
    because the main function in pdfunite.cc lacks a stream check before saving an embedded file.
    (CVE-2022-37051)

  - An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to
    denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an
    embedded file. (CVE-2022-38349)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1214257");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1214618");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1214621");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1214622");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1215422");
  # https://lists.suse.com/pipermail/sle-security-updates/2023-October/016563.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?84c9c6bf");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-23804");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-36024");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-37050");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-37051");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-38349");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-38349");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2020-23804");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/08/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/10/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/10/07");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpoppler-cpp0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpoppler-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpoppler-glib-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpoppler-glib8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpoppler89");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:poppler-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:typelib-1_0-Poppler-0_18");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES|SUSE)") audit(AUDIT_OS_NOT, "SUSE / openSUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+|SUSE([\d.]+))", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15|SUSE15\.4)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);

var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLED15" && (! preg(pattern:"^(4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED15 SP4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLED_SAP15" && (! preg(pattern:"^(4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED_SAP15 SP4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLES15" && (! preg(pattern:"^(2|3|4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP2/3/4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP15" && (! preg(pattern:"^(2|3|4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP15 SP2/3/4/5", os_ver + " SP" + service_pack);

var pkgs = [
    {'reference':'libpoppler-cpp0-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},
    {'reference':'libpoppler-devel-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},
    {'reference':'libpoppler-glib-devel-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},
    {'reference':'libpoppler-glib8-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},
    {'reference':'poppler-tools-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},
    {'reference':'typelib-1_0-Poppler-0_18-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},
    {'reference':'libpoppler-cpp0-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
    {'reference':'libpoppler-devel-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
    {'reference':'libpoppler-glib-devel-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
    {'reference':'libpoppler-glib8-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
    {'reference':'poppler-tools-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
    {'reference':'typelib-1_0-Poppler-0_18-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libpoppler-cpp0-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3']},
    {'reference':'libpoppler-cpp0-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3', 'SUSE-Manager-Proxy-release-4.2']},
    {'reference':'libpoppler-devel-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3']},
    {'reference':'libpoppler-devel-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3', 'SUSE-Manager-Proxy-release-4.2']},
    {'reference':'libpoppler-glib-devel-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3']},
    {'reference':'libpoppler-glib-devel-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3', 'SUSE-Manager-Proxy-release-4.2']},
    {'reference':'libpoppler-glib8-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3']},
    {'reference':'libpoppler-glib8-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3', 'SUSE-Manager-Proxy-release-4.2']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3', 'SUSE-Manager-Proxy-release-4.2']},
    {'reference':'poppler-tools-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3']},
    {'reference':'poppler-tools-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3', 'SUSE-Manager-Proxy-release-4.2']},
    {'reference':'typelib-1_0-Poppler-0_18-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3']},
    {'reference':'typelib-1_0-Poppler-0_18-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3', 'SUSE-Manager-Proxy-release-4.2']},
    {'reference':'libpoppler-cpp0-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'libpoppler-cpp0-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'libpoppler-devel-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'libpoppler-devel-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'libpoppler-glib-devel-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'libpoppler-glib-devel-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'libpoppler-glib8-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'libpoppler-glib8-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'poppler-tools-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'poppler-tools-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'typelib-1_0-Poppler-0_18-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'typelib-1_0-Poppler-0_18-0.79.0-150200.3.21.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'libpoppler-cpp0-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
    {'reference':'libpoppler-cpp0-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
    {'reference':'libpoppler-devel-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
    {'reference':'libpoppler-devel-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
    {'reference':'libpoppler-glib-devel-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
    {'reference':'libpoppler-glib-devel-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
    {'reference':'libpoppler-glib8-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
    {'reference':'libpoppler-glib8-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
    {'reference':'poppler-tools-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
    {'reference':'poppler-tools-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
    {'reference':'typelib-1_0-Poppler-0_18-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
    {'reference':'typelib-1_0-Poppler-0_18-0.79.0-150200.3.21.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libpoppler-cpp0-0.79.0-150200.3.21.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Manager-Server-release-4.2']},
    {'reference':'libpoppler-devel-0.79.0-150200.3.21.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Manager-Server-release-4.2']},
    {'reference':'libpoppler-glib-devel-0.79.0-150200.3.21.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Manager-Server-release-4.2']},
    {'reference':'libpoppler-glib8-0.79.0-150200.3.21.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Manager-Server-release-4.2']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Manager-Server-release-4.2']},
    {'reference':'poppler-tools-0.79.0-150200.3.21.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Manager-Server-release-4.2']},
    {'reference':'typelib-1_0-Poppler-0_18-0.79.0-150200.3.21.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Manager-Server-release-4.2']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
    {'reference':'libpoppler89-32bit-0.79.0-150200.3.21.2', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
    {'reference':'libpoppler-cpp0-0.79.0-150200.3.21.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},
    {'reference':'libpoppler-devel-0.79.0-150200.3.21.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},
    {'reference':'libpoppler-glib-devel-0.79.0-150200.3.21.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},
    {'reference':'libpoppler-glib8-0.79.0-150200.3.21.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},
    {'reference':'poppler-tools-0.79.0-150200.3.21.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},
    {'reference':'typelib-1_0-Poppler-0_18-0.79.0-150200.3.21.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},
    {'reference':'libpoppler-cpp0-0.79.0-150200.3.21.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.3']},
    {'reference':'libpoppler-devel-0.79.0-150200.3.21.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.3']},
    {'reference':'libpoppler-glib-devel-0.79.0-150200.3.21.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.3']},
    {'reference':'libpoppler-glib8-0.79.0-150200.3.21.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.3']},
    {'reference':'libpoppler89-0.79.0-150200.3.21.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.3']},
    {'reference':'poppler-tools-0.79.0-150200.3.21.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.3']},
    {'reference':'typelib-1_0-Poppler-0_18-0.79.0-150200.3.21.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.3']}
];

var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var exists_check = NULL;
  var rpm_spec_vers_cmp = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (reference && _release) {
    if (exists_check) {
      var check_flag = 0;
      foreach var check (exists_check) {
        if (!rpm_exists(release:_release, rpm:check)) continue;
        if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;
        check_flag++;
      }
      if (!check_flag) continue;
    }
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
}

if (flag)
{
  var ltss_plugin_caveat = NULL;
  if(ltss_caveat_required) ltss_plugin_caveat = '\n' +
    'NOTE: This vulnerability check contains fixes that apply to\n' +
    'packages only available in SUSE Enterprise Linux Server LTSS\n' +
    'repositories. Access to these package security updates require\n' +
    'a paid SUSE LTSS subscription.\n';
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + ltss_plugin_caveat
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libpoppler-cpp0 / libpoppler-devel / libpoppler-glib-devel / etc');
}
VendorProductVersionCPE
novellsuse_linuxlibpoppler-cpp0p-cpe:/a:novell:suse_linux:libpoppler-cpp0
novellsuse_linuxlibpoppler-develp-cpe:/a:novell:suse_linux:libpoppler-devel
novellsuse_linuxlibpoppler-glib-develp-cpe:/a:novell:suse_linux:libpoppler-glib-devel
novellsuse_linuxlibpoppler-glib8p-cpe:/a:novell:suse_linux:libpoppler-glib8
novellsuse_linuxlibpoppler89p-cpe:/a:novell:suse_linux:libpoppler89
novellsuse_linuxpoppler-toolsp-cpe:/a:novell:suse_linux:poppler-tools
novellsuse_linuxtypelib-1_0-poppler-0_18p-cpe:/a:novell:suse_linux:typelib-1_0-poppler-0_18
novellsuse_linux15cpe:/o:novell:suse_linux:15

Related

nessus 53
openvas 30
osv 14
ubuntu 4
debian 4
redos 1
prion 6
debiancve 6
cvelist 6
cve 6
ubuntucve 6
amazon 8
nvd 6
veracode 6
redhatcve 6
oraclelinux 3
redhat 3
almalinux 1
mageia 2
fedora 7
centos 1
hp 1
suse 1
nessus
nessus
SUSE SLES12 Security Update : poppler (SUSE-SU-2023:3982-1)
2023-10-06 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : poppler (SUSE-SU-2023:3983-1)
2023-10-06 00:00:00
SUSE SLES12 Security Update : poppler (SUSE-SU-2023:3981-1)
2023-10-06 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:3983-1)
2023-10-06 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:3998-1)
2023-10-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:3982-1)
2023-10-06 00:00:00
osv
osv
poppler regression
2023-11-28 13:11:44
poppler vulnerabilities
2023-11-23 02:47:28
poppler - security update
2023-10-16 00:00:00
ubuntu
ubuntu
poppler vulnerabilities
2023-11-23 00:00:00
poppler regression
2023-11-28 00:00:00
poppler vulnerabilities
2023-08-17 00:00:00
debian
debian
[SECURITY] [DLA 3620-1] poppler security update
2023-10-16 11:41:13
[SECURITY] [DLA 3528-1] poppler security update
2023-08-14 12:38:26
[SECURITY] [DLA 1706-1] poppler security update
2019-03-08 20:37:16
redos
redos
ROS-20230918-04
2023-09-18 00:00:00
prion
prion
Design/Logic Flaw
2023-08-22 19:16:00
Code injection
2023-08-22 19:16:00
Code injection
2023-08-22 19:16:00
debiancve
debiancve
CVE-2022-37050
2023-08-22 19:16:23
CVE-2020-36024
2023-08-11 14:15:11
CVE-2022-37051
2023-08-22 19:16:23
cvelist
cvelist
CVE-2022-37050
2023-08-22 00:00:00
CVE-2020-36024
2023-08-11 00:00:00
CVE-2022-38349
2023-08-22 00:00:00
cve
cve
CVE-2022-37050
2023-08-22 19:16:23
CVE-2022-38349
2023-08-22 19:16:23
CVE-2022-37051
2023-08-22 19:16:23
ubuntucve
ubuntucve
CVE-2022-37050
2023-08-22 00:00:00
CVE-2022-38349
2023-08-22 00:00:00
CVE-2020-23804
2023-08-22 00:00:00
amazon
amazon
Medium: poppler
2023-08-30 17:56:00
Medium: poppler
2023-09-27 22:15:00
Medium: poppler
2023-08-31 22:30:00
nvd
nvd
CVE-2022-37050
2023-08-22 19:16:23
CVE-2022-38349
2023-08-22 19:16:23
CVE-2020-23804
2023-08-22 19:16:19
veracode
veracode
Denial Of Service (DoS)
2023-08-17 14:08:38
Denial Of Service (DoS)
2023-10-10 05:48:08
Denial Of Service (DoS)
2023-10-09 11:51:44
redhatcve
redhatcve
CVE-2022-38349
2023-12-18 05:56:36
CVE-2022-37050
2023-08-24 19:15:30
CVE-2020-23804
2023-08-24 18:45:53
oraclelinux
oraclelinux
poppler security update
2024-05-23 00:00:00
poppler security update
2019-09-12 00:00:00
poppler security, bug fix, and enhancement update
2019-08-13 00:00:00
redhat
redhat
(RHSA-2024:2979) Moderate: poppler security update
2024-05-22 06:35:15
(RHSA-2019:2713) Moderate: poppler security update
2019-09-10 15:32:22
(RHSA-2019:2022) Moderate: poppler security, bug fix, and enhancement update
2019-08-06 07:51:02
almalinux
almalinux
Moderate: poppler security update
2024-05-22 00:00:00
mageia
mageia
Updated poppler packages fix security vulnerability
2023-09-11 16:07:54
Updated poppler packages fix security vulnerabilities
2019-03-29 18:51:06
fedora
fedora
[SECURITY] Fedora 29 Update: poppler-0.67.0-12.fc29
2019-02-25 02:42:51
[SECURITY] Fedora 29 Update: poppler-0.67.0-16.fc29
2019-04-06 19:44:47
[SECURITY] Fedora 28 Update: poppler-0.62.0-16.fc28
2019-04-01 01:21:55
centos
centos
evince, okular, poppler security update
2019-08-30 02:44:38
hp
hp
HP ThinPro 8.1 SP 2 Security Updates
2024-04-12 00:00:00
suse
suse
Security update for poppler (important)
2021-12-01 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.012 Low

EPSS

Percentile

85.5%

JSON
Related for SUSE_SU-2023-3998-1.NASL
nessus53openvas30osv14ubuntu4debian4redos1prion6debiancve6cvelist6cve6ubuntucve6amazon8nvd6veracode6redhatcve6oraclelinux3redhat3almalinux1mageia2fedora7centos1hp1suse1