Skip to main content
CVE-2024-7868 LOW Monitor

In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. Rated low severity (CVSS 2.1), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Xpdf
NVD
CVSS 4.0
2.1
EPSS
0.4%
CVE-2024-7867 LOW Monitor

In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero. Rated low severity (CVSS 2.1), this vulnerability is no authentication required. No vendor patch available.

Integer Overflow Buffer Overflow Xpdf
NVD
CVSS 4.0
2.1
EPSS
0.2%
CVE-2024-7866 LOW Monitor

In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow. Rated low severity (CVSS 2.1), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Xpdf
NVD
CVSS 4.0
2.1
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy