VYPR
Unrated severityNVD Advisory· Published Aug 15, 2022· Updated Aug 3, 2024

CVE-2022-38222

CVE-2022-38222

Description

There is a use-after-free issue in JBIG2Stream::close() located in JBIG2Stream.cc in Xpdf 4.04. It can be triggered by sending a crafted PDF file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.

Affected products

2
  • Xpdf/Xpdfcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: =4.04

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.