cbcvebase.

Artifex Mupdf vulnerabilities

68 known vulnerabilities affecting artifex/mupdf.

Total CVEs
68
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH28MEDIUM36LOW1

Vulnerabilities

Page 2 of 4
CVE-2024-24258P3HIGHCVSS 7.5v1.23.92024-02-05
CVE-2024-24258 [HIGH] CWE-401 CVE-2024-24258: freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubM freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function.
nvd
CVE-2023-51104P3HIGHCVSS 7.5v1.23.42023-12-26
CVE-2023-51104 [HIGH] CWE-369 CVE-2023-51104: A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function pnm_binary_read_image() of load-pnm.c when span equals zero.
nvd
CVE-2023-51103P3HIGHCVSS 7.5v1.23.42023-12-26
CVE-2023-51103 [HIGH] CWE-369 CVE-2023-51103: A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in the function fz_new_pixmap_from_float_data() of pixmap.c.
nvdosv
CVE-2023-51105P3HIGHCVSS 7.5v1.23.42023-12-26
CVE-2023-51105 [HIGH] CWE-369 CVE-2023-51105: A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function bmp_decompress_rle4() of load-bmp.c.
nvd
CVE-2023-51106P3HIGHCVSS 7.5v1.23.42023-12-26
CVE-2023-51106 [HIGH] CWE-369 CVE-2023-51106: A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function pnm_binary_read_image() of load-pnm.c when fz_colorspace_n returns zero.
nvd
CVE-2023-51107P3HIGHCVSS 7.5v1.23.42023-12-26
CVE-2023-51107 [HIGH] CWE-369 CVE-2023-51107: A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in functon compute_color() of jquant2.c. NOTE: this is disputed by the supplier because there was not reasonable evidence to determine the existence of a vulnerability or identify the affected product.
nvd
CVE-2025-15569P3HIGHCVSS 7.0v1.26.0v1.26.12026-02-10
CVE-2025-15569 [HIGH] CWE-426 CVE-2025-15569: A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the function A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the function get_system_dpi of the file platform/x11/win_main.c. This manipulation causes uncontrolled search path. The attack requires local access. The attack is considered to have high complexity. The exploitability is regarded as difficult. Upgrading to version
nvd
CVE-2017-17866P4HIGHCVSS 7.8fixed in 1.12.02017-12-27
CVE-2017-17866 [HIGH] CWE-119 CVE-2017-17866: pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair opera pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document.
nvdosv
CVE-2017-15587P4HIGHCVSS 7.8v1.112017-10-18
CVE-2017-15587 [HIGH] CWE-190 CVE-2017-15587: An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1 An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.
nvdosv
CVE-2017-15369P4HIGHCVSS 7.8≤ 1.112017-10-16
CVE-2017-15369 [HIGH] CWE-416 CVE-2017-15369: The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document.
nvd
CVE-2026-7233P4MEDIUMCVSS 6.1≤ 1.27.2v1.0+28 more2026-04-28
CVE-2026-7233 [MEDIUM] CWE-119 CVE-2026-7233: A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function f A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fz_subset_cff_for_gids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The project was informe
nvd
CVE-2017-14685P4HIGHCVSS 7.8v1.112017-09-22
CVE-2017-14685 [HIGH] CWE-119 CVE-2017-14685: Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because xps_load_links_in_glyphs in xps/xps-link.c does not verify that an xps font could be lo
nvdosv
CVE-2025-46206P4MEDIUMCVSS 6.5≤ 1.25.62025-08-04
CVE-2025-46206 [MEDIUM] CWE-674 CVE-2025-46206: An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via a An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via an infinite recursion in the `mutool clean` utility. When processing a crafted PDF file containing cyclic /Next references in the outline structure, the `strip_outline()` function enters infinite recursion
nvdosv
CVE-2017-14687P4HIGHCVSS 7.8v1.112017-09-22
CVE-2017-14687 [HIGH] CWE-119 CVE-2017-14687: Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. This occurs because of mishandling of XML tag name comparisons.
nvdosv
CVE-2025-71382P4MEDIUMCVSS 6.5fixed in 1.27.02026-06-23
CVE-2025-71382 [MEDIUM] CWE-674 CVE-2025-71382: MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering e MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function value_from_inheritable_property() in css-apply.c recurses through the CSS
nvd
CVE-2019-14975P4HIGHCVSS 7.1fixed in 1.16.02019-08-14
CVE-2019-14975 [HIGH] CWE-125 CVE-2019-14975: Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c beca Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string.
nvd
CVE-2017-5896P4MEDIUMCVSS 5.5≤ 1.102017-02-15
CVE-2017-5896 [MEDIUM] CWE-125 CVE-2017-5896: Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allow Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image.
nvdosv
CVE-2018-6187P4MEDIUMCVSS 5.5v1.12.02018-01-24
CVE-2018-6187 [MEDIUM] CWE-787 CVE-2018-6187: In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_docu In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file.
nvdosv
CVE-2016-10247P4MEDIUMCVSS 5.5≤ 1.102017-03-16
CVE-2016-10247 [MEDIUM] CWE-787 CVE-2016-10247: Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. Mu Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
nvdosv
CVE-2020-19609P4MEDIUMCVSS 5.5fixed in 1.18.02021-07-21
CVE-2020-19609 [MEDIUM] CWE-787 CVE-2020-19609: Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function wh Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.
nvdosv