Lucene search
Veracode Vulnerability DatabaseVERACODE:43720HistoryOct 10, 2023 - 12:32 p.m.
Denial Of Service (DoS)
2023-10-1012:32:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
denial of service
libpoppler.so
vulnerability
crafting
malicious pdf
recursion
catalog::finddestintree
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0
Percentile
12.7%
libpoppler.so is vulnerable to Denial of Service (DoS). An infinite recursion in the Catalog::findDestInTree function allows an attacker to exploit this vulnerability by crafting a malicious PDF file that will cause the library to crash.
Related
cve
cve
CVE-2022-48545
2023-08-22 19:16:31
nvd
nvd
CVE-2022-48545
2023-08-22 19:16:31
alpinelinux
alpinelinux
CVE-2022-48545
2023-08-22 19:16:31
cvelist
cvelist
CVE-2022-48545
2023-08-22 00:00:00
prion
prion
Design/Logic Flaw
2023-08-22 19:16:00
ubuntucve
ubuntucve
CVE-2022-48545
2023-08-22 00:00:00
debiancve
debiancve
CVE-2022-48545
2023-08-22 19:16:31
nessus
nessus
SUSE SLES12 Security Update : poppler (SUSE-SU-2023:4546-1)
2023-11-25 00:00:00
SUSE SLES12 Security Update : poppler (SUSE-SU-2023:4362-1)
2023-11-04 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:4362-1)
2023-11-06 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0
Percentile
12.7%
Related for VERACODE:43720