CVE-2022-38266
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-38266
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-38266.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-38266
- Downstream
- Related
- Published
- 2022-09-09T22:15:08Z
- Modified
- 2025-09-16T07:25:29.212331Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file.
- References
Affected packages
Debian:11 / leptonlib
Package
- Name
- leptonlib
- Purl
- pkg:deb/debian/leptonlib?arch=source
Debian:12 / leptonlib
Package
- Name
- leptonlib
- Purl
- pkg:deb/debian/leptonlib?arch=source
Debian:13 / leptonlib
Package
- Name
- leptonlib
- Purl
- pkg:deb/debian/leptonlib?arch=source
Debian:14 / leptonlib
Package
- Name
- leptonlib
- Purl
- pkg:deb/debian/leptonlib?arch=source
Git / github.com/danbloomberg/leptonica
Affected ranges
- Type
- GIT
- Repo
- https://github.com/danbloomberg/leptonica
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
1.*
1.74.0
1.74.1
1.74.2
1.74.3
1.74.4
1.75.0
1.75.1
1.75.2
1.75.3
1.76.0
1.77.0
1.78.0
1.79.0
1.80.0
v1.*
v1.42
v1.44
v1.46
v1.48
v1.50
v1.52
v1.54
v1.56
v1.58
v1.60
v1.61
v1.62
v1.63
v1.64
v1.65
v1.66
v1.67
v1.68
v1.69
v1.70
v1.71
v1.72
v1.73
v1.74.3
Database specific
{
"vanir_signatures": [
{
"source": "https://github.com/danbloomberg/leptonica/commit/f062b42c0ea8dddebdc6a152fd16152de215d614",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 1686.0,
"function_hash": "59129913913116863254399662588375971480"
},
"target": {
"file": "src/convolve.c",
"function": "pixBlockconvGrayUnnormalized"
},
"id": "CVE-2022-38266-4c463b66"
},
{
"source": "https://github.com/danbloomberg/leptonica/commit/f062b42c0ea8dddebdc6a152fd16152de215d614",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 1618.0,
"function_hash": "194222966182329504728387874506443469864"
},
"target": {
"file": "src/convolve.c",
"function": "pixBlockconv"
},
"id": "CVE-2022-38266-91c838bd"
},
{
"source": "https://github.com/danbloomberg/leptonica/commit/f062b42c0ea8dddebdc6a152fd16152de215d614",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 1527.0,
"function_hash": "323184524258691851030899488063032088414"
},
"target": {
"file": "src/convolve.c",
"function": "pixBlockconvGray"
},
"id": "CVE-2022-38266-c76f3ee1"
},
{
"source": "https://github.com/danbloomberg/leptonica/commit/f062b42c0ea8dddebdc6a152fd16152de215d614",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 2194.0,
"function_hash": "39439380929416837345246590450696758342"
},
"target": {
"file": "src/convolve.c",
"function": "pixBlockconvGrayTile"
},
"id": "CVE-2022-38266-cb836c1d"
},
{
"source": "https://github.com/danbloomberg/leptonica/commit/f062b42c0ea8dddebdc6a152fd16152de215d614",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 2567.0,
"function_hash": "180701578817914977685385312801661336524"
},
"target": {
"file": "src/convolve.c",
"function": "pixBlockconvTiled"
},
"id": "CVE-2022-38266-e2b76f04"
},
{
"source": "https://github.com/danbloomberg/leptonica/commit/f062b42c0ea8dddebdc6a152fd16152de215d614",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"142687944739401579783131108414656574288",
"201034062270534434585309635036179873261",
"101783779189858749710641693804126539815",
"177744396246047488489194760855635114409",
"217589891281716741905835003467922133520",
"155683930248614161309172936765146549454",
"37506900475782981709958996936800992918",
"282478721701590122475323442718811071483",
"233011679236363123113219388198761283272",
"49392454193378923140811332590611124867",
"9067327562013312912910259027634227939",
"12883704884094609281377949045773782924",
"327218352251503874326669195827928492276",
"294121515046791657667602444602285262480",
"207142706606592774765602656220960572315",
"12222187284888431553617024287988557489",
"335708050602849182361241438808612780105",
"273190317129502251305573892345269088399",
"213879578030313125294466309702231906333",
"330758579395098673704251417818538732111",
"277634281680104543084564387921110093272",
"234399478704867573224167617820491456335",
"326992608877239575338370915842390145606",
"132519317142346173665876172504554225279",
"22967763679373302999880892390882686850",
"312050227442871115472828413956502599715",
"59751550462060623743221248628764117505",
"329430227547791698376518571957255319509",
"34033495885621572044534756974432024175",
"65526839783685569942649588610550413665",
"77172213489155824004775962567308884593",
"189574982104400772993845319624246771397",
"27022845058259732042057004757373641379",
"277634281680104543084564387921110093272",
"234399478704867573224167617820491456335",
"246330173764435942135663721713876577066",
"267402451749325548163667999315092784561",
"327923074142843513087545911780942418794",
"49392454193378923140811332590611124867",
"9067327562013312912910259027634227939",
"12883704884094609281377949045773782924",
"327218352251503874326669195827928492276",
"221428782169730216980215117190589113496",
"31073836214758061296356562278722204445",
"99977816857742590904248979134399984847",
"267239025807955049617846560215301477850",
"127108136492156484424137653987206393232",
"242807067124057227392065283883483273238",
"203847020159918041326901726742149685747",
"303951206095874250475428804308662388515",
"217589891281716741905835003467922133520",
"155683930248614161309172936765146549454",
"254293335870146152726450040941591846685",
"271133023252533924224536176015979280823",
"224617697264196646143856594971000659818",
"63222152649205545579919925561021139258",
"23806955609469060016949701792431265145",
"2243106916923003485090074722572399265",
"327218352251503874326669195827928492276",
"294121515046791657667602444602285262480",
"196227737742390761144735229993778786888",
"60610115532862508938111502255048473496",
"292041053284100144147188576584411216981",
"139655666406197187178269811872080222488",
"283063029091975466058256926695650597776",
"199434952921222096222325468973401162100",
"223910543448937513266648854872693316858",
"21485823792907979205906084238426050261",
"277634281680104543084564387921110093272",
"234399478704867573224167617820491456335",
"149274144685923177013481437625494919520",
"58043111826102603363978491591292522334",
"274766323238895867572016565634330636165",
"63222152649205545579919925561021139258",
"23806955609469060016949701792431265145",
"2243106916923003485090074722572399265",
"327218352251503874326669195827928492276",
"221428782169730216980215117190589113496",
"167931248247221954988336405880508340683",
"112938284272344783442952300490258812142",
"318260020435716496059788782436673968704"
]
},
"target": {
"file": "src/convolve.c"
},
"id": "CVE-2022-38266-f066cb69"
}
]
}