Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-08-30T02:58:33.566936Z

Updated: 2024-09-17T03:54:54.096Z

Reserved: 2022-08-26T00:00:00

Link: CVE-2022-38784

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-08-30T03:15:07.307

Modified: 2024-11-21T07:17:04.843

Link: CVE-2022-38784

cve-icon Redhat

Severity : Moderate

Publid Date: 2022-08-30T00:00:00Z

Links: CVE-2022-38784 - Bugzilla