First Last Prev Next    This bug is not in your last search results.
Bug 1202698 - (CVE-2022-33108) VUL-0: CVE-2022-33108: poppler: a stack overflow vulnerability via the Object:Copy class of object.cc
(CVE-2022-33108)
VUL-0: CVE-2022-33108: poppler: a stack overflow vulnerability via the Object...
Status: RESOLVED INVALID
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Major
: ---
Assigned To: Peter Simons
Security Team bot
https://smash.suse.de/issue/335800/
CVSSv3.1:SUSE:CVE-2022-33108:7.8:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-08-24 12:01 UTC by Hu
Modified: 2022-08-29 10:40 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
poc (1.10 KB, application/pdf)
2022-08-29 10:40 UTC, Hu 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Hu 2022-08-24 12:02:11 UTC 
The fix will be in xpdf 4.05, lets wait for that.
Comment 2 Hu 2022-08-29 10:38:48 UTC 
Okay, nevermind I could not reproduce this with the latest poppler version (6b5437a07535d5fd07c114e71c2cbff9b2a2f454), so I would close this as not affected.
Comment 3 Hu 2022-08-29 10:40:20 UTC 
Created attachment 861163 [details]
poc
First Last Prev Next    This bug is not in your last search results.