Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artifex mupdf vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-17858
Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote malicious user to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted.
Artifex Mupdf 1.12.0
1 Github repository
5.5
CVSSv3
CVE-2020-21896
A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote malicious users to cause a denial of service via opening of a crafted PDF file.
Artifex Mupdf 1.16.0
7.8
CVSSv3
CVE-2017-14686
Artifex MuPDF 1.11 allows malicious users to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because read_zip_dir_im...
Artifex Mupdf 1.11
7.8
CVSSv3
CVE-2017-15587
An integer overflow exists in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.
Artifex Mupdf 1.11
9.8
CVSSv3
CVE-2019-7321
Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an malicious user to execute arbitrary code.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2018-16647
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote malicious users to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
Artifex Mupdf 1.13.0
5.5
CVSSv3
CVE-2023-31794
MuPDF v1.21.1 exists to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted PDF file.
Artifex Mupdf 1.21.1
7.5
CVSSv3
CVE-2024-24258
freeglut 3.4.0 exists to contain a memory leak via the menuEntry variable in the glutAddSubMenu function.
Artifex Mupdf 1.23.9
7.5
CVSSv3
CVE-2024-24259
freeglut up to and including 3.4.0 exists to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function.
Artifex Mupdf 1.23.9
5.5
CVSSv3
CVE-2021-37220
MuPDF up to and including 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.
Artifex Mupdf
Fedoraproject Fedora 34
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »