Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artifex mupdf vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2024-24258
freeglut 3.4.0 exists to contain a memory leak via the menuEntry variable in the glutAddSubMenu function.
Artifex Mupdf 1.23.9
5.5
CVSSv3
CVE-2018-19881
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote malicious users to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2018-19882
In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote malicious users to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl.
Artifex Mupdf 1.14.0
9.8
CVSSv3
CVE-2019-7321
Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an malicious user to execute arbitrary code.
Artifex Mupdf 1.14.0
7.5
CVSSv3
CVE-2023-51103
A floating point exception (divide-by-zero) vulnerability exists in mupdf 1.23.4 in functon fz_new_pixmap_from_float_data() of pixmap.c.
Artifex Mupdf 1.23.4
5.5
CVSSv3
CVE-2018-16647
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote malicious users to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
Artifex Mupdf 1.13.0
5.5
CVSSv3
CVE-2018-16648
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote malicious users to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.
Artifex Mupdf 1.13.0
5.5
CVSSv3
CVE-2020-26683
A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows malicious users to obtain sensitive information.
Artifex Mupdf 1.17.0
5.5
CVSSv3
CVE-2020-21896
A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote malicious users to cause a denial of service via opening of a crafted PDF file.
Artifex Mupdf 1.16.0
5.5
CVSSv3
CVE-2021-37220
MuPDF up to and including 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.
Artifex Mupdf
Fedoraproject Fedora 34
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »