Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mupdf
(Artifex)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 60 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-11-30 | CVE-2018-19777 | In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool. | Mupdf, Debian_linux | 5.5 | ||
| 2018-12-06 | CVE-2018-19882 | In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl. | Mupdf | 5.5 | ||
| 2020-01-23 | CVE-2012-5340 | SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file. | Mupdf, Sumatrapdf | 7.8 | ||
| 2017-03-15 | CVE-2017-6060 | Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image. | Mupdf, Debian_linux | 7.8 | ||
| 2017-10-18 | CVE-2017-15587 | An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11. | Mupdf | 7.8 | ||
| 2018-01-24 | CVE-2018-6187 | In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file. | Mupdf, Debian_linux | 5.5 | ||
| 2018-01-24 | CVE-2018-6192 | In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file. | Mupdf, Debian_linux | 5.5 | ||
| 2018-02-09 | CVE-2018-1000051 | Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF. | Mupdf, Debian_linux | 7.8 | ||
| 2019-01-11 | CVE-2019-6130 | Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c. | Mupdf | 5.5 | ||
| 2019-01-11 | CVE-2019-6131 | svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool. | Mupdf | 5.5 |