Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artifex mupdf vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2019-6130
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2019-6131
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2018-19881
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote malicious users to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2018-19882
In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote malicious users to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2018-19777
In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.
Artifex Mupdf 1.14.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-18662
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
Artifex Mupdf 1.14.0
5.5
CVSSv3
CVE-2018-16647
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote malicious users to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
Artifex Mupdf 1.13.0
5.5
CVSSv3
CVE-2018-16648
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote malicious users to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.
Artifex Mupdf 1.13.0
5.5
CVSSv3
CVE-2018-1000036
In MuPDF 1.12.0 and previous versions, multiple memory leaks in the PDF parser allow an malicious user to cause a denial of service (memory leak) via a crafted file.
Artifex Mupdf
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2018-1000037
In MuPDF 1.12.0 and previous versions, multiple reachable assertions in the PDF parser allow an malicious user to cause a denial of service (assert crash) via a crafted file.
Artifex Mupdf
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »