First published: Thu Nov 23 2023(Updated: )
It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-23804) It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-37050, CVE-2022-37051, CVE-2022-37052, CVE-2022-38349)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/libpoppler118 | <22.02.0-2ubuntu0.3 | 22.02.0-2ubuntu0.3 |
Ubuntu Ubuntu | =22.04 | |
All of | ||
ubuntu/poppler-utils | <22.02.0-2ubuntu0.3 | 22.02.0-2ubuntu0.3 |
Ubuntu Ubuntu | =22.04 | |
All of | ||
ubuntu/libpoppler97 | <0.86.1-0ubuntu1.4 | 0.86.1-0ubuntu1.4 |
Ubuntu Ubuntu | =20.04 | |
All of | ||
ubuntu/poppler-utils | <0.86.1-0ubuntu1.4 | 0.86.1-0ubuntu1.4 |
Ubuntu Ubuntu | =20.04 | |
All of | ||
ubuntu/libpoppler73 | <0.62.0-2ubuntu2.14+esm2 | 0.62.0-2ubuntu2.14+esm2 |
Ubuntu Ubuntu | =18.04 | |
All of | ||
ubuntu/poppler-utils | <0.62.0-2ubuntu2.14+esm2 | 0.62.0-2ubuntu2.14+esm2 |
Ubuntu Ubuntu | =18.04 | |
All of | ||
ubuntu/libpoppler58 | <0.41.0-0ubuntu1.16+esm4 | 0.41.0-0ubuntu1.16+esm4 |
Ubuntu Ubuntu | =16.04 | |
All of | ||
ubuntu/poppler-utils | <0.41.0-0ubuntu1.16+esm4 | 0.41.0-0ubuntu1.16+esm4 |
Ubuntu Ubuntu | =16.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Contains the following vulnerabilities)
The vulnerability ID for the poppler vulnerabilities in Ubuntu 16.04 LTS is CVE-2022-37051.
A remote attacker can exploit the poppler vulnerabilities by tricking a user or an automated system into opening a specially crafted PDF file.
The severity of the poppler vulnerabilities is not mentioned in the provided information.
To fix the poppler vulnerabilities in Ubuntu 16.04 LTS, update the libpoppler118 and poppler-utils packages to version 22.02.0-2ubuntu0.3 or later.
You can find more information about the poppler vulnerabilities on the Ubuntu security website.