How severe is CVE-2024-7868?

CVE-2024-7868 has a CVSS v3 score of 8.2 (HIGH).

CVE-2024-7868

Name: xpdf
Author: xpdfreader

8.2HIGH

In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from

Publicado: 8/15/2024Atualizado: 10/6/2025

Descrição

In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.

Análise IADesenvolvido por IA

Produtos Afetados

xpdfreaderxpdf

Referências

https://www.xpdfreader.com/security-bug/CVE-2024-7868.html
Vendor Advisory