cbcvebase.
CVE-2022-24107
published 2022-08-30

CVE-2022-24107: Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.

high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.

Affected

2 ranges
VendorProductVersion rangeFixed in
debianxpdf
glyphandcogxpdfreader< 4.044.04

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv7.8HIGH