Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mupdf vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2018-19882
In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote malicious users to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2018-19777
In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.
Artifex Mupdf 1.14.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-18662
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2018-16648
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote malicious users to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.
Artifex Mupdf 1.13.0
5.5
CVSSv3
CVE-2018-16647
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote malicious users to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
Artifex Mupdf 1.13.0
5.5
CVSSv3
CVE-2018-1000037
In MuPDF 1.12.0 and previous versions, multiple reachable assertions in the PDF parser allow an malicious user to cause a denial of service (assert crash) via a crafted file.
Artifex Mupdf
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-1000036
In MuPDF 1.12.0 and previous versions, multiple memory leaks in the PDF parser allow an malicious user to cause a denial of service (memory leak) via a crafted file.
Artifex Mupdf
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-1000040
In MuPDF 1.12.0 and previous versions, multiple use of uninitialized value bugs in the PDF parser could allow an malicious user to cause a denial of service (crash) or influence program flow via a crafted file.
Artifex Mupdf
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-10289
In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file.
Artifex Mupdf 1.13.0
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-6544
pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote malicious users to cause a denial of service via a crafted PDF document.
Artifex Mupdf 1.12.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »