How severe is CVE-2024-7868?

CVE-2024-7868 has a CVSS v3 score of 8.2 (HIGH).

CVE-2024-7868

Name: xpdf
Author: xpdfreader

8.2HIGH

In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from

发布于: 8/15/2024更新于: 10/6/2025

描述

In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.

AI分析AI驱动

受影响产品

xpdfreaderxpdf

参考资料

https://www.xpdfreader.com/security-bug/CVE-2024-7868.html
Vendor Advisory