Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artifex mupdf 1.14.0 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2019-6130
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2019-6131
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2018-18662
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
Artifex Mupdf 1.14.0
9.8
CVSSv3
CVE-2019-7321
Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an malicious user to execute arbitrary code.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2018-19881
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote malicious users to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2018-19882
In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote malicious users to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2018-19777
In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.
Artifex Mupdf 1.14.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2019-13290
Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote malicious users to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a displ...
Artifex Mupdf 1.15.0
5.5
CVSSv3
CVE-2020-26519
Artifex MuPDF prior to 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing malicious users to cause a denial of service.
Artifex Mupdf
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started