CVE-2022-38266

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-38266
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-38266.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-38266
Downstream
Published
2022-09-09T00:00:00Z
Modified
2026-05-19T12:03:11.850855102Z
Summary
[none]
Details

An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file.

Database specific 
{
    "cna_assigner": "mitre",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/38xxx/CVE-2022-38266.json"
}
References

Affected packages

Git / github.com/danbloomberg/leptonica

Affected ranges

Type
GIT
Repo
https://github.com/danbloomberg/leptonica
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
1ac72c93fef1a5eb76b76d6723d2aee843dd6e51
Fixed
f062b42c0ea8dddebdc6a152fd16152de215d614
Database specific 
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.80.0"
        }
    ],
    "cpe": "cpe:2.3:a:leptonica:leptonica:*:*:*:*:*:*:*:*",
    "source": [
        "CPE_FIELD",
        "REFERENCES"
    ]
}

Affected versions

1.*
1.74.0
1.74.1
1.74.2
1.74.3
1.74.4
1.75.0
1.75.1
1.75.2
1.75.3
1.76.0
1.77.0
1.78.0
1.79.0
1.80.0
v1.*
v1.42
v1.44
v1.46
v1.48
v1.50
v1.52
v1.54
v1.56
v1.58
v1.60
v1.61
v1.62
v1.63
v1.64
v1.65
v1.66
v1.67
v1.68
v1.69
v1.70
v1.71
v1.72
v1.73
v1.74.3

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-38266.json"

Git / github.com/tesseract-ocr/tesseract

Affected ranges

Type
GIT
Repo
https://github.com/tesseract-ocr/tesseract
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
bfe1616b4eef525e4fc30405fc41260f40ffee5e
Database specific 
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.0.0-alpha\\-20210401"
        }
    ],
    "cpe": "cpe:2.3:a:tesseract_project:tesseract:5.0.0:alpha-20210401:*:*:*:*:*:*",
    "source": "CPE_FIELD"
}

Affected versions

1.*
1.03
1.04
1.04b
2.*
2.00
2.01
2.02
2.03
2.04
3.*
3.00
3.01
3.02.02
3.03-rc1
3.04.00
3.05.00dev
4.*
4.0.0
4.0.0-alpha
4.0.0-beta.1
4.0.0-beta.3
4.0.0-beta.4
4.0.0-rc3
4.0.0-rc4
4.00.00alpha
4.00.00dev
4.1.0-rc1
5.*
5.0.0-alpha
5.0.0-alpha-20201224
5.0.0-alpha-20201231
5.0.0-alpha-20210401

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-38266.json"