How severe is CVE-2024-7868?

CVE-2024-7868 has a CVSS v3 score of 8.2 (HIGH).

CVE-2024-7868

Name: xpdf
Author: xpdfreader

8.2HIGH

In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from

公開日: 8/15/2024更新日: 10/6/2025

説明

In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.

AI分析AIによる分析

影響を受ける製品

xpdfreaderxpdf

参照

https://www.xpdfreader.com/security-bug/CVE-2024-7868.html
Vendor Advisory