{"id":"USN-5606-2","summary":"poppler regression","details":"USN-5606-1 fixed a vulnerability in poppler. Unfortunately it was missing a\ncommit to fix it properly.  This update provides\nthe corresponding fix for Ubuntu 18.04 LTS and Ubuntu 16.04 ESM.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\n It was discovered that poppler incorrectly handled certain\n PDF. An attacker could possibly use this issue to cause a\n denial of service or execute arbitrary code.\n","modified":"2026-04-22T10:27:46.552562Z","published":"2022-09-14T23:09:09Z","related":["UBUNTU-CVE-2022-38784"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5606-2"},{"type":"REPORT","url":"https://launchpad.net/bugs/1989515"}],"affected":[{"package":{"name":"poppler","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/poppler@0.41.0-0ubuntu1.16+esm2?arch=source&distro=esm-infra/xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.41.0-0ubuntu1.16+esm2"}]}],"versions":["0.33.0-0ubuntu3","0.37.0-0ubuntu1","0.38.0-0ubuntu1","0.41.0-0ubuntu1","0.41.0-0ubuntu1.1","0.41.0-0ubuntu1.2","0.41.0-0ubuntu1.3","0.41.0-0ubuntu1.4","0.41.0-0ubuntu1.5","0.41.0-0ubuntu1.6","0.41.0-0ubuntu1.7","0.41.0-0ubuntu1.8","0.41.0-0ubuntu1.9","0.41.0-0ubuntu1.10","0.41.0-0ubuntu1.11","0.41.0-0ubuntu1.12","0.41.0-0ubuntu1.13","0.41.0-0ubuntu1.14","0.41.0-0ubuntu1.15","0.41.0-0ubuntu1.16","0.41.0-0ubuntu1.16+esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"0.41.0-0ubuntu1.16+esm2","binary_name":"gir1.2-poppler-0.18"},{"binary_version":"0.41.0-0ubuntu1.16+esm2","binary_name":"libpoppler-cpp0"},{"binary_version":"0.41.0-0ubuntu1.16+esm2","binary_name":"libpoppler-glib8"},{"binary_version":"0.41.0-0ubuntu1.16+esm2","binary_name":"libpoppler-qt4-4"},{"binary_version":"0.41.0-0ubuntu1.16+esm2","binary_name":"libpoppler-qt5-1"},{"binary_version":"0.41.0-0ubuntu1.16+esm2","binary_name":"libpoppler58"},{"binary_version":"0.41.0-0ubuntu1.16+esm2","binary_name":"poppler-utils"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"cves_map":{"cves":[],"ecosystem":"Ubuntu:Pro:16.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5606-2.json"}},{"package":{"name":"poppler","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/poppler@0.62.0-2ubuntu2.14?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.62.0-2ubuntu2.14"}]}],"versions":["0.57.0-2ubuntu4","0.57.0-2ubuntu5","0.62.0-1ubuntu1","0.62.0-2ubuntu1","0.62.0-2ubuntu2","0.62.0-2ubuntu2.1","0.62.0-2ubuntu2.2","0.62.0-2ubuntu2.4","0.62.0-2ubuntu2.5","0.62.0-2ubuntu2.6","0.62.0-2ubuntu2.7","0.62.0-2ubuntu2.8","0.62.0-2ubuntu2.9","0.62.0-2ubuntu2.10","0.62.0-2ubuntu2.11","0.62.0-2ubuntu2.12","0.62.0-2ubuntu2.13"],"ecosystem_specific":{"binaries":[{"binary_version":"0.62.0-2ubuntu2.14","binary_name":"gir1.2-poppler-0.18"},{"binary_version":"0.62.0-2ubuntu2.14","binary_name":"libpoppler-cpp0v5"},{"binary_version":"0.62.0-2ubuntu2.14","binary_name":"libpoppler-glib8"},{"binary_version":"0.62.0-2ubuntu2.14","binary_name":"libpoppler-qt5-1"},{"binary_version":"0.62.0-2ubuntu2.14","binary_name":"libpoppler73"},{"binary_version":"0.62.0-2ubuntu2.14","binary_name":"poppler-utils"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"cves":[],"ecosystem":"Ubuntu:18.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5606-2.json"}}],"schema_version":"1.7.5"}