Vulnerability Details CVE-2022-24106
In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.9%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2022-24106
-
cpe:2.3:a:glyphandcog:xpdfreader:0.2
-
cpe:2.3:a:glyphandcog:xpdfreader:0.3
-
cpe:2.3:a:glyphandcog:xpdfreader:0.4
-
cpe:2.3:a:glyphandcog:xpdfreader:0.5
-
cpe:2.3:a:glyphandcog:xpdfreader:0.6
-
cpe:2.3:a:glyphandcog:xpdfreader:0.7
-
cpe:2.3:a:glyphandcog:xpdfreader:0.80
-
cpe:2.3:a:glyphandcog:xpdfreader:0.90
-
cpe:2.3:a:glyphandcog:xpdfreader:0.91
-
cpe:2.3:a:glyphandcog:xpdfreader:0.92
-
cpe:2.3:a:glyphandcog:xpdfreader:0.93
-
cpe:2.3:a:glyphandcog:xpdfreader:1.00
-
cpe:2.3:a:glyphandcog:xpdfreader:1.01
-
cpe:2.3:a:glyphandcog:xpdfreader:2.00
-
cpe:2.3:a:glyphandcog:xpdfreader:2.01
-
cpe:2.3:a:glyphandcog:xpdfreader:2.02
-
cpe:2.3:a:glyphandcog:xpdfreader:2.03
-
cpe:2.3:a:glyphandcog:xpdfreader:3.00
-
cpe:2.3:a:glyphandcog:xpdfreader:3.01
-
cpe:2.3:a:glyphandcog:xpdfreader:3.02
-
cpe:2.3:a:glyphandcog:xpdfreader:3.03
-
cpe:2.3:a:glyphandcog:xpdfreader:3.04
-
cpe:2.3:a:glyphandcog:xpdfreader:4.00
-
cpe:2.3:a:glyphandcog:xpdfreader:4.01
-
cpe:2.3:a:glyphandcog:xpdfreader:4.01.01
-
cpe:2.3:a:glyphandcog:xpdfreader:4.02
-
cpe:2.3:a:glyphandcog:xpdfreader:4.03