How severe is CVE-2024-7868?

CVE-2024-7868 has a CVSS v3 score of 8.2 (HIGH).

CVE-2024-7868

Name: xpdf
Author: xpdfreader

8.2HIGH

In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from

Опубликовано: 8/15/2024Обновлено: 10/6/2025

Описание

In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.

ИИ-АнализНа базе ИИ

Затронутые продукты

xpdfreaderxpdf

Ссылки

https://www.xpdfreader.com/security-bug/CVE-2024-7868.html
Vendor Advisory