Poppler <=22.08.0 Integer Overflow in JBIG2 Decoder
CVE-2022-38784 Published on August 30, 2022

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2022-38784

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-38784 are published in these products:

FreeDesktop Poppler

Debian Linux

Fedora Project Fedora

Poppler

Exploit Probability

EPSS

0.08%

Percentile

24.53%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Poppler <=22.08.0 Integer Overflow in JBIG2 DecoderCVE-2022-38784 Published on August 30, 2022

Products Associated with CVE-2022-38784

Exploit Probability

Poppler <=22.08.0 Integer Overflow in JBIG2 Decoder
CVE-2022-38784 Published on August 30, 2022