CVE-2022-24107

CWE-190Integer Overflow7 documents6 sources
Severity
7.8HIGH
EPSS
0.1%
top 67.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Glyphandcog Xpdfreader
Timeline
PublishedAug 30
Latest updateJan 29

Description

Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

Ubuntutexlive-bin< 2021.20210626.59705-1ubuntu0.3+3

🔴Vulnerability Details

4
OSV
texlive-bin vulnerabilities2026-01-29
GHSA
GHSA-xwhw-9p7r-3vq8: Xpdf prior to 42022-08-31
OSV
CVE-2022-24107: Xpdf prior to 42022-08-30
CVEList
CVE-2022-24107: Xpdf prior to 42022-08-30

📋Vendor Advisories

2
Ubuntu
TeX Live vulnerabilities2026-01-29
Debian
CVE-2022-24107: xpdf - Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.2022
CVE-2022-24107 (HIGH CVSS 7.8) | Xpdf prior to 4.04 lacked an intege | cvebase.io