CVE-2022-38349 Information

Description

An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file.

Reference

https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282 https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28