CVE-2022-24106

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-24106

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24106.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-24106

Downstream

DEBIAN-CVE-2022-24106

ECHO-9bf0-cd5c-d541

UBUNTU-CVE-2022-24106

Related

MGASA-2022-0320

Published

2022-08-30T04:15:10Z

Modified

2025-08-09T19:01:26Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.

References

Affected packages