CVE-2022-37050

Published: Aug 22, 2023

Modified: Nov 3, 2025

PUBLISHED

Description

In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274

https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990

[debian-lts-announce] 20231016 [SECURITY] [DLA 3620-1] poppler security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-37050

Description

Affected Products

References