cvedb.io
CVE-2022-24106
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2022-08-30T04:15:10.523 · Last modified 2026-06-17T04:31:18.100

Summary

In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.

Affected products

glyphandcog — xpdfreader

Does this affect you?

Add your gear to cvedb and we'll alert you only when glyphandcog ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.