How severe is CVE-2024-7868?

CVE-2024-7868 has a CVSS v3 score of 8.2 (HIGH).

CVE-2024-7868

Name: xpdf
Author: xpdfreader

8.2HIGH

In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from

Publicado: 8/15/2024Actualizado: 10/6/2025

Descripción

In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.

Análisis IAImpulsado por IA

Productos Afectados

xpdfreaderxpdf

Referencias

https://www.xpdfreader.com/security-bug/CVE-2024-7868.html
Vendor Advisory