CVE-2022-38784

HIGH

Security Bulletin: Vulnerabilities in poppler affects IBM Netezza Appliance

Details

CVSS v3: 7.8
NVD published: 2022-08-30 03:15:07
EPSS: <0.1% probability · 24.5th percentile — 2026-04-17
Affected versions: cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
Summary: Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.
Remediation: Not available in our cache.
Exploit info: https://github.com/zmanion/Vulnerabilities/blob/main/CVE-2022-38171.md

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.