CVE-2018-1000036
published 2018-05-24CVE-2018-1000036: In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.
medium5.5CVSS 3.1
AVLACLPRNUIRSUCNINAH
In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | mupdf | <= 1.12.0 | — |
| artifex | mupdf | >= 0 < 1.14.0+ds1-1 | 1.14.0+ds1-1 |
| artifex | mupdf | >= 0 < 1.14.0+ds1-1 | 1.14.0+ds1-1 |
| artifex | mupdf | >= 0 < 1.14.0+ds1-1 | 1.14.0+ds1-1 |
| artifex | mupdf | >= 0 < 1.14.0+ds1-1 | 1.14.0+ds1-1 |
| artifex | mupdf | >= 0 < 1.7a-1ubuntu0.1~esm1 | 1.7a-1ubuntu0.1~esm1 |
| artifex | mupdf | >= 0 < 1.12.0+ds1-1ubuntu0.1~esm1 | 1.12.0+ds1-1ubuntu0.1~esm1 |
| artifex | mupdf | >= 0 < 1.16.1+ds1-1ubuntu1+esm1 | 1.16.1+ds1-1ubuntu1+esm1 |
| debian | debian_linux | — | — |
| debian | mupdf | < mupdf 1.14.0+ds1-1 (bookworm) | mupdf 1.14.0+ds1-1 (bookworm) |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv5.5MEDIUM