ALAS2-2023-2281 --- popplerID: oval:org.secpod.oval:def:1701815 | Date: (C)2023-10-26 (M)2024-01-03 |
Class: PATCH | Family: unix |
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service via crafted .pdf file to FoFiType1C::cvtGlyph function. An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service via crafted .pdf file to FoFiType1C::convertToType1 function. An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file