Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:2810: Red Hat Security Advisory: poppler security update

An update for poppler is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-38784: An integer overflow issue was discovered in Popplers’ JBIG2 decoder in the JBIG2Stream::readTextRegionSeg() function in JBIGStream.cc file. This flaw allows an attacker to trick a user into opening a malformed PDF file or JBIG2 image in the application, triggering an integer overflow, which could result in a crash or may lead to the execution of arbitrary code on the target system.
Red Hat Security Data
#vulnerability#linux#red_hat#pdf#ibm

Synopsis

Moderate: poppler security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for poppler is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince.

Security Fix(es):

  • poppler: integer overflow in JBIG2 decoder using malformed files (CVE-2022-38784)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x

Fixes

  • BZ - 2124527 - CVE-2022-38784 poppler: integer overflow in JBIG2 decoder using malformed files

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index

Red Hat Enterprise Linux for x86_64 8

SRPM

poppler-20.11.0-6.el8.src.rpm

SHA-256: 4a890d0acec64ca6ec67783c0cd4fb590572cc48d9cfa21ce879b9969fcf5425

x86_64

poppler-20.11.0-6.el8.i686.rpm

SHA-256: 859e9b15f191837e84356664d6f8c72a45906069b337d08173e33d607853308e

poppler-20.11.0-6.el8.x86_64.rpm

SHA-256: 9b115f05686a46d0721415521ac971cd0d0e4620adfbfbfc6aa92dd16f8b05a5

poppler-cpp-debuginfo-20.11.0-6.el8.i686.rpm

SHA-256: 9465ac8fa005972087b54cb73e73b106f541dcbe38c0dd1d150077114035c4dd

poppler-cpp-debuginfo-20.11.0-6.el8.x86_64.rpm

SHA-256: 7a257f2dd044ec7b54a259ecd03411f950a79050af5c4ae6b0edc674f993732a

poppler-debuginfo-20.11.0-6.el8.i686.rpm

SHA-256: 970cdf7f3ade8ecd069b1bddaa135458438cdf006faaf9a6c8173942418bb139

poppler-debuginfo-20.11.0-6.el8.x86_64.rpm

SHA-256: c7bba63cfac3ccd6450228b94bd46a28a08e91abb9bd0bb9f30d5f539eed11c2

poppler-debugsource-20.11.0-6.el8.i686.rpm

SHA-256: 46b96ffeff90e3437e9452224d20ccaef62c79f80b941cf0e6b558a2875cee6c

poppler-debugsource-20.11.0-6.el8.x86_64.rpm

SHA-256: 27e46cc2e14314b709665914af888c5c47794dbf328e79e45b5e91790576dcd7

poppler-glib-20.11.0-6.el8.i686.rpm

SHA-256: e1da0786e16d61ee21978fbe170a008bffca83b30b81e5cc832a7b5de367ecb2

poppler-glib-20.11.0-6.el8.x86_64.rpm

SHA-256: 27c4e4e17a89910670cd2f7fb628870a77b3cd6d4ee8a82f1d8bbb06e8edc8b0

poppler-glib-debuginfo-20.11.0-6.el8.i686.rpm

SHA-256: 5bfe9a2b1ddf4cf44c58a0f99189383ee313be2d62669279567a19451a4e5c62

poppler-glib-debuginfo-20.11.0-6.el8.x86_64.rpm

SHA-256: 4dc69fc6fbf00f2ff8b7f681b51f646e436951e92d8e82e7c566c35ba136135c

poppler-qt5-20.11.0-6.el8.i686.rpm

SHA-256: 0edcdb6532ea7cf2a4ab010ac28128e89867a5c0f9b196c7cca6078630975a98

poppler-qt5-20.11.0-6.el8.x86_64.rpm

SHA-256: b0527f2e6d22f11e7b3ff3c1fe7451976d42a58a20951007f879a082a0c6b4d3

poppler-qt5-debuginfo-20.11.0-6.el8.i686.rpm

SHA-256: 3701e1c7a52c88274fc1bc9d551407c71797c234040178f9a96532e9df475f8c

poppler-qt5-debuginfo-20.11.0-6.el8.x86_64.rpm

SHA-256: e0ae3c20cf04c312a25b90bb16e4154ef2f379e04563d8e8af2047fa710b0475

poppler-utils-20.11.0-6.el8.x86_64.rpm

SHA-256: cb290b7253024eaf2d7367e327df6948b1d4b79eec509e02734e8959d191d732

poppler-utils-debuginfo-20.11.0-6.el8.i686.rpm

SHA-256: 7ad711ac1221427adea6b53ae39b7b09cc5d65921a549608c048f552a9b0b3d2

poppler-utils-debuginfo-20.11.0-6.el8.x86_64.rpm

SHA-256: 95f46aa8aba92e82ee7a764958c99c54447f2d80b09d32f19a23160b2d5ecaa4

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

poppler-20.11.0-6.el8.src.rpm

SHA-256: 4a890d0acec64ca6ec67783c0cd4fb590572cc48d9cfa21ce879b9969fcf5425

s390x

poppler-20.11.0-6.el8.s390x.rpm

SHA-256: dc29d6ac83bbdb413c936a7fba09b404a8c50baef94922bd3df2cf2c58918e19

poppler-cpp-debuginfo-20.11.0-6.el8.s390x.rpm

SHA-256: f33d40a4f07ede04e5b1f3ac7274a53f0262333008fe38a9db5d08e2e488accb

poppler-debuginfo-20.11.0-6.el8.s390x.rpm

SHA-256: 95c286cd9964ede651efe0ff1ee4c5786a326bd4576d383cdf9f9bddf94d7cd9

poppler-debugsource-20.11.0-6.el8.s390x.rpm

SHA-256: cb7c9a8ca88f6240ff558a901dba2dff14e1b8cb86f0b5788dc36ce6050b24b8

poppler-glib-20.11.0-6.el8.s390x.rpm

SHA-256: 37aa104118103fae35ce74fc8c65e3c6644117e70b9a02c11535ff47716ae971

poppler-glib-debuginfo-20.11.0-6.el8.s390x.rpm

SHA-256: fc8e6900ddd2183466231bec137fda79e69649563510c14e4aa4bfa3cc3df942

poppler-qt5-20.11.0-6.el8.s390x.rpm

SHA-256: cb61f9476a939d4a605dcb60e62ede721ae59719a228ceeeaafc32b03b6150bf

poppler-qt5-debuginfo-20.11.0-6.el8.s390x.rpm

SHA-256: 03b410c50cd52a7a8777f7d7971e7f57f9d2102d5252aa67bec76cb86ee63a76

poppler-utils-20.11.0-6.el8.s390x.rpm

SHA-256: 72442138dc81616617ad7e5e56ba066a7bde128e4343505081a16f834b26a151

poppler-utils-debuginfo-20.11.0-6.el8.s390x.rpm

SHA-256: 5cd8cbbf896a256d5e327fa517904e2e8aedf8dd96e2fdd29fdbae4c58e7b90a

Red Hat Enterprise Linux for Power, little endian 8

SRPM

poppler-20.11.0-6.el8.src.rpm

SHA-256: 4a890d0acec64ca6ec67783c0cd4fb590572cc48d9cfa21ce879b9969fcf5425

ppc64le

poppler-20.11.0-6.el8.ppc64le.rpm

SHA-256: c4db8dcc03e1811758837fb0e2d52853c52d2ca1cf7eb98c968d18cb78e9547b

poppler-cpp-debuginfo-20.11.0-6.el8.ppc64le.rpm

SHA-256: 9a3bf46443a1ea3770da00079a295c4bd049cd669887733ad66da9542a546d06

poppler-debuginfo-20.11.0-6.el8.ppc64le.rpm

SHA-256: 3d2755d02c7e9c825e257e8196d6f4a075b12d91e854e7067d4a456487ca30cd

poppler-debugsource-20.11.0-6.el8.ppc64le.rpm

SHA-256: 2c660b195fc47b03f64ba6c0e70f8319a410316ca40ce9c0fb7ba1e4b4c33457

poppler-glib-20.11.0-6.el8.ppc64le.rpm

SHA-256: a856299fc3343d024675d83e971b78b5b74467f54a6f63f906a96c2c47716df3

poppler-glib-debuginfo-20.11.0-6.el8.ppc64le.rpm

SHA-256: d9e160d5f63eaa8416992bbf7dce218b9fb3d5a35b2f8f0d01c5221ce3e3617d

poppler-qt5-20.11.0-6.el8.ppc64le.rpm

SHA-256: f1503b0ca7a38740b57d5f86a3cd5b00e90ead2989831b5451f25c34155d6888

poppler-qt5-debuginfo-20.11.0-6.el8.ppc64le.rpm

SHA-256: cc087823353291f92bff14825350102583f37a3520233ebd3205490839c741ef

poppler-utils-20.11.0-6.el8.ppc64le.rpm

SHA-256: 368a4bcde00f7e7f3876419b5c8c285636c175bc8a511370e6722c17c985ef14

poppler-utils-debuginfo-20.11.0-6.el8.ppc64le.rpm

SHA-256: e554698a9fa7821563fafd9098e4ffc427edfc5c717d9c6d52f1b6007e36c455

Red Hat Enterprise Linux for ARM 64 8

SRPM

poppler-20.11.0-6.el8.src.rpm

SHA-256: 4a890d0acec64ca6ec67783c0cd4fb590572cc48d9cfa21ce879b9969fcf5425

aarch64

poppler-20.11.0-6.el8.aarch64.rpm

SHA-256: 4a43295ef549d0edfa27e0e003d1ce9f712f296d671849b3dceda56027effb08

poppler-cpp-debuginfo-20.11.0-6.el8.aarch64.rpm

SHA-256: 862c2cd3d796e62bb25c05f6adcd082d3f4e09fa0e9657ddccb5f63eb49a938a

poppler-debuginfo-20.11.0-6.el8.aarch64.rpm

SHA-256: a8a426b77fcff00dffcde00b7e8fde3665d6810e2f7cc0d6c4c027720bdd9247

poppler-debugsource-20.11.0-6.el8.aarch64.rpm

SHA-256: 03d967202a670d8a9dcebbb2a76812178a63f3ca6de5760a1c99e954e9bed63c

poppler-glib-20.11.0-6.el8.aarch64.rpm

SHA-256: 68b326fef87096d059f45d63b07a21c73afa0dee2dee326706c966bd1e28c054

poppler-glib-debuginfo-20.11.0-6.el8.aarch64.rpm

SHA-256: a438b0b882ad5880f88e9d4a804d174e81a0f2e035c5c56d0dd10e4c1ea527d6

poppler-qt5-20.11.0-6.el8.aarch64.rpm

SHA-256: 2bca204e81983e1102dc0cf66cd15406656700f7a90123e9f017f0700d4aca35

poppler-qt5-debuginfo-20.11.0-6.el8.aarch64.rpm

SHA-256: fa9bbdedb664b4218cb53b43e331ccb8730c349cd46ad90d4d17be48eff007da

poppler-utils-20.11.0-6.el8.aarch64.rpm

SHA-256: e6d6e9b84c43055f225417a2b7f95aa2cdb8034ab05b10018b31856c74c3b032

poppler-utils-debuginfo-20.11.0-6.el8.aarch64.rpm

SHA-256: c7562b2267eb7a3a966f717e10fda17b3894857a3352b9eb77885883ed7a491a

Red Hat CodeReady Linux Builder for x86_64 8

SRPM

x86_64

poppler-cpp-20.11.0-6.el8.i686.rpm

SHA-256: 64293c2b8069eb825125cccedbb43654865bfa798049a87454a21ce60ed33ce7

poppler-cpp-20.11.0-6.el8.x86_64.rpm

SHA-256: 829129154046b23f4ee0149243d513dafc538aa27d3e4dee782a84502e1b7b67

poppler-cpp-debuginfo-20.11.0-6.el8.i686.rpm

SHA-256: 9465ac8fa005972087b54cb73e73b106f541dcbe38c0dd1d150077114035c4dd

poppler-cpp-debuginfo-20.11.0-6.el8.x86_64.rpm

SHA-256: 7a257f2dd044ec7b54a259ecd03411f950a79050af5c4ae6b0edc674f993732a

poppler-cpp-devel-20.11.0-6.el8.i686.rpm

SHA-256: 0b63c6d9f2afbd72d04fa40067d76f02a8cc78b966d04eaa4e48b0de0c4db929

poppler-cpp-devel-20.11.0-6.el8.x86_64.rpm

SHA-256: 832a7b04ada401869f50ebbea3cc71fe598d1401dfba4664d0ba00f357a9e932

poppler-debuginfo-20.11.0-6.el8.i686.rpm

SHA-256: 970cdf7f3ade8ecd069b1bddaa135458438cdf006faaf9a6c8173942418bb139

poppler-debuginfo-20.11.0-6.el8.x86_64.rpm

SHA-256: c7bba63cfac3ccd6450228b94bd46a28a08e91abb9bd0bb9f30d5f539eed11c2

poppler-debugsource-20.11.0-6.el8.i686.rpm

SHA-256: 46b96ffeff90e3437e9452224d20ccaef62c79f80b941cf0e6b558a2875cee6c

poppler-debugsource-20.11.0-6.el8.x86_64.rpm

SHA-256: 27e46cc2e14314b709665914af888c5c47794dbf328e79e45b5e91790576dcd7

poppler-devel-20.11.0-6.el8.i686.rpm

SHA-256: bc25a205576bc40a3719c26cbb523b5fc799696096603e5c4301449655e02fc0

poppler-devel-20.11.0-6.el8.x86_64.rpm

SHA-256: f1d59eec79d0a71b6b6597c6127c927c6025283fd0f3461b0a61612cbe7dada4

poppler-glib-debuginfo-20.11.0-6.el8.i686.rpm

SHA-256: 5bfe9a2b1ddf4cf44c58a0f99189383ee313be2d62669279567a19451a4e5c62

poppler-glib-debuginfo-20.11.0-6.el8.x86_64.rpm

SHA-256: 4dc69fc6fbf00f2ff8b7f681b51f646e436951e92d8e82e7c566c35ba136135c

poppler-glib-devel-20.11.0-6.el8.i686.rpm

SHA-256: b10fba41c9f7379f02f8f778039f4049e197a06af992c61c1c56161304210c97

poppler-glib-devel-20.11.0-6.el8.x86_64.rpm

SHA-256: 0be5d8e074a60efd2b763002889d83c15270df8e7c5060da44870ca7cd7056a4

poppler-qt5-debuginfo-20.11.0-6.el8.i686.rpm

SHA-256: 3701e1c7a52c88274fc1bc9d551407c71797c234040178f9a96532e9df475f8c

poppler-qt5-debuginfo-20.11.0-6.el8.x86_64.rpm

SHA-256: e0ae3c20cf04c312a25b90bb16e4154ef2f379e04563d8e8af2047fa710b0475

poppler-qt5-devel-20.11.0-6.el8.i686.rpm

SHA-256: 5876b3c26af35df6fbe00378d434cba752e8bc7c35250d85f1aec5df5d93431f

poppler-qt5-devel-20.11.0-6.el8.x86_64.rpm

SHA-256: a30f3a211f01a7e46a2494865fa671c451ae97dbb867f429f0eac095cf73654d

poppler-utils-debuginfo-20.11.0-6.el8.i686.rpm

SHA-256: 7ad711ac1221427adea6b53ae39b7b09cc5d65921a549608c048f552a9b0b3d2

poppler-utils-debuginfo-20.11.0-6.el8.x86_64.rpm

SHA-256: 95f46aa8aba92e82ee7a764958c99c54447f2d80b09d32f19a23160b2d5ecaa4

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM

ppc64le

poppler-cpp-20.11.0-6.el8.ppc64le.rpm

SHA-256: 61787ba7cfa3ad2d4b0fc5fdcd0bf0971de195aa732eb6f01d6a7043c43012f2

poppler-cpp-debuginfo-20.11.0-6.el8.ppc64le.rpm

SHA-256: 9a3bf46443a1ea3770da00079a295c4bd049cd669887733ad66da9542a546d06

poppler-cpp-devel-20.11.0-6.el8.ppc64le.rpm

SHA-256: 07d125c6cb97f55fbe4facf2b0d7fc9924cb31630309d43e0b30cdd08cda2e2e

poppler-debuginfo-20.11.0-6.el8.ppc64le.rpm

SHA-256: 3d2755d02c7e9c825e257e8196d6f4a075b12d91e854e7067d4a456487ca30cd

poppler-debugsource-20.11.0-6.el8.ppc64le.rpm

SHA-256: 2c660b195fc47b03f64ba6c0e70f8319a410316ca40ce9c0fb7ba1e4b4c33457

poppler-devel-20.11.0-6.el8.ppc64le.rpm

SHA-256: 1488c4e4bb48b8186eb1396a3a1cd3e97cf91a20891ff904fda4d3d6533cc2b9

poppler-glib-debuginfo-20.11.0-6.el8.ppc64le.rpm

SHA-256: d9e160d5f63eaa8416992bbf7dce218b9fb3d5a35b2f8f0d01c5221ce3e3617d

poppler-glib-devel-20.11.0-6.el8.ppc64le.rpm

SHA-256: 3814d240d88702da00ae9e21527836baf967955dde4eb3acbd26f6de7c044182

poppler-qt5-debuginfo-20.11.0-6.el8.ppc64le.rpm

SHA-256: cc087823353291f92bff14825350102583f37a3520233ebd3205490839c741ef

poppler-qt5-devel-20.11.0-6.el8.ppc64le.rpm

SHA-256: 11c9ec4259afd1730521af0cd02266bceaaf90846bf852d43b9bdd9bd7e89010

poppler-utils-debuginfo-20.11.0-6.el8.ppc64le.rpm

SHA-256: e554698a9fa7821563fafd9098e4ffc427edfc5c717d9c6d52f1b6007e36c455

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM

aarch64

poppler-cpp-20.11.0-6.el8.aarch64.rpm

SHA-256: d2c44bddc986f6475da8901d6bd6c83672132defd244ab5735f206ff6df241c0

poppler-cpp-debuginfo-20.11.0-6.el8.aarch64.rpm

SHA-256: 862c2cd3d796e62bb25c05f6adcd082d3f4e09fa0e9657ddccb5f63eb49a938a

poppler-cpp-devel-20.11.0-6.el8.aarch64.rpm

SHA-256: b9175a35dba7600c090be8070b557391e4c5e685b6e21f99ebe0ed4ef858c2b4

poppler-debuginfo-20.11.0-6.el8.aarch64.rpm

SHA-256: a8a426b77fcff00dffcde00b7e8fde3665d6810e2f7cc0d6c4c027720bdd9247

poppler-debugsource-20.11.0-6.el8.aarch64.rpm

SHA-256: 03d967202a670d8a9dcebbb2a76812178a63f3ca6de5760a1c99e954e9bed63c

poppler-devel-20.11.0-6.el8.aarch64.rpm

SHA-256: e993af40a2bd55b6931f328076f364a2b112be1e5466da7772365ffe519aad1d

poppler-glib-debuginfo-20.11.0-6.el8.aarch64.rpm

SHA-256: a438b0b882ad5880f88e9d4a804d174e81a0f2e035c5c56d0dd10e4c1ea527d6

poppler-glib-devel-20.11.0-6.el8.aarch64.rpm

SHA-256: cdfa162f433192b11be151bb7bb932995c35e8609e0b3cf541395ddc12853f9f

poppler-qt5-debuginfo-20.11.0-6.el8.aarch64.rpm

SHA-256: fa9bbdedb664b4218cb53b43e331ccb8730c349cd46ad90d4d17be48eff007da

poppler-qt5-devel-20.11.0-6.el8.aarch64.rpm

SHA-256: 08f64aa47b43f3f07c42be95ee75847dfe9deab1095f17ade01854a940e43717

poppler-utils-debuginfo-20.11.0-6.el8.aarch64.rpm

SHA-256: c7562b2267eb7a3a966f717e10fda17b3894857a3352b9eb77885883ed7a491a

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM

s390x

poppler-cpp-20.11.0-6.el8.s390x.rpm

SHA-256: e34c0b99b35fa24c359912d3ba139c838a254524561341654a32c9b5cb9bd6eb

poppler-cpp-debuginfo-20.11.0-6.el8.s390x.rpm

SHA-256: f33d40a4f07ede04e5b1f3ac7274a53f0262333008fe38a9db5d08e2e488accb

poppler-cpp-devel-20.11.0-6.el8.s390x.rpm

SHA-256: 72ebb1703fc166fdabbe1d6995f8d96c1c1c5343fac53e75e3c079e834eef493

poppler-debuginfo-20.11.0-6.el8.s390x.rpm

SHA-256: 95c286cd9964ede651efe0ff1ee4c5786a326bd4576d383cdf9f9bddf94d7cd9

poppler-debugsource-20.11.0-6.el8.s390x.rpm

SHA-256: cb7c9a8ca88f6240ff558a901dba2dff14e1b8cb86f0b5788dc36ce6050b24b8

poppler-devel-20.11.0-6.el8.s390x.rpm

SHA-256: 6d836af2a3217d3cadf2288c3e93ebb122c0ac35632b765f717f128cf1c0e5d2

poppler-glib-debuginfo-20.11.0-6.el8.s390x.rpm

SHA-256: fc8e6900ddd2183466231bec137fda79e69649563510c14e4aa4bfa3cc3df942

poppler-glib-devel-20.11.0-6.el8.s390x.rpm

SHA-256: 48078cb3c3087f3ff5c54b6e2451c0aefc5134ece177df156023c53d6461d93a

poppler-qt5-debuginfo-20.11.0-6.el8.s390x.rpm

SHA-256: 03b410c50cd52a7a8777f7d7971e7f57f9d2102d5252aa67bec76cb86ee63a76

poppler-qt5-devel-20.11.0-6.el8.s390x.rpm

SHA-256: 4d7e4b24f9fc61b92d1196ab0814bc409bccc983cc9c48f533de872747fa55e6

poppler-utils-debuginfo-20.11.0-6.el8.s390x.rpm

SHA-256: 5cd8cbbf896a256d5e327fa517904e2e8aedf8dd96e2fdd29fdbae4c58e7b90a

Related news

Red Hat Security Advisory 2023-2259-01

Red Hat Security Advisory 2023-2259-01 - Poppler is a Portable Document Format rendering library, used by applications such as Evince. Issues addressed include an integer overflow vulnerability.

RHSA-2023:2259: Red Hat Security Advisory: poppler security and bug fix update

An update for poppler is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-38784: An integer overflow issue was discovered in Popplers' JBIG2 decoder in the JBIG2Stream::readTextRegionSeg() function in JBIGStream.cc file. This flaw allows an attacker to trick a user into opening a malformed PDF file or JBIG2 image in the application, triggering an integer overflow, which could result in a crash or may lead to the execution of ...

Gentoo Linux Security Advisory 202209-21

Gentoo Linux Security Advisory 202209-21 - A vulnerability has been discovered in Poppler which could allow for arbitrary code execution. Versions less than 22.09.0 are affected.

Ubuntu Security Notice USN-5606-1

Ubuntu Security Notice 5606-1 - It was discovered that poppler incorrectly handled certain PDF. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

CVE-2022-38784: Poppler

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.