A logic error in the Hints::Hints function of Poppler v22.03.0 allows malicious users to cause a Denial of Service (DoS) via a crafted PDF file. (CVE-2022-27337) Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf. (CVE-2022-38784)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freedesktop poppler |
||
debian debian linux 10.0 |
||
debian debian linux 11.0 |
||
fedoraproject fedora 35 |
||
fedoraproject fedora 36 |
||
fedoraproject fedora 37 |