cbcvebase.
CVE-2024-46657
published 2024-12-10

CVE-2024-46657: Artifex Software mupdf v1.24.9 was discovered to contain a segmentation fault via the component /tools/pdfextract.c. This vulnerability allows attackers to…

medium5.5CVSS 3.1
AVLACLPRNUIRSUCNINAH
Artifex Software mupdf v1.24.9 was discovered to contain a segmentation fault via the component /tools/pdfextract.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.

Affected

8 ranges
VendorProductVersion rangeFixed in
artifexmupdf
artifexmupdf>= 0 < 1.25.1+ds1-51.25.1+ds1-5
artifexmupdf>= 0 < 1.25.1+ds1-51.25.1+ds1-5
artifexmupdf>= 0 < 1.12.0+ds1-1ubuntu0.1~esm21.12.0+ds1-1ubuntu0.1~esm2
artifexmupdf>= 0 < 1.16.1+ds1-1ubuntu1+esm21.16.1+ds1-1ubuntu1+esm2
artifexmupdf>= 0 < 1.19.0+ds1-2ubuntu0.1~esm11.19.0+ds1-2ubuntu0.1~esm1
artifexmupdf>= 0 < 1.23.10+ds1-1ubuntu0.1~esm11.23.10+ds1-1ubuntu0.1~esm1
debianmupdf< mupdf 1.25.1+ds1-5 (forky)mupdf 1.25.1+ds1-5 (forky)

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv7.5HIGH