Artifex Mupdf vulnerabilities
68 known vulnerabilities affecting artifex/mupdf.
Total CVEs: 68
CISA KEV: 0
Public exploits: 4
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 28, MEDIUM 36, LOW 1
Vulnerabilities
Page 3 of 4
CVE-2016-10246 | P4 | MEDIUM | CVSS 5.5 | CWE-787 | ≤ 1.10 | 2017-03-16
Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
nvd, osv
CVE-2021-37220 | P4 | MEDIUM | CVSS 5.5 | CWE-787 | ≤ 1.18.1 | 2021-07-21
MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.
nvd, osv
CVE-2020-26519 | P4 | MEDIUM | CVSS 5.5 | CWE-787 | fixed in 1.18.0 | 2020-10-02
Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.
nvd, osv
CVE-2017-7264 | P4 | MEDIUM | CVSS 5.3 | CWE-416 | v1.10a | 2017-03-26
Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.
nvd, osv
CVE-2020-21896 | P4 | MEDIUM | CVSS 5.5 | CWE-416 | v1.16.0 | 2023-08-22
A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file.
nvd, osv
CVE-2020-26683 | P4 | MEDIUM | CVSS 5.5 | CWE-401 | v1.17.0 | 2023-08-22
A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information.
nvd, osv
CVE-2016-6265 | P4 | MEDIUM | CVSS 5.5 | CWE-416 | ≤ 1.9 | 2016-09-22
Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
nvd, osv
CVE-2018-18662 | P4 | MEDIUM | CVSS 5.5 | CWE-125 | v1.14.0 | 2018-10-26
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
nvd, osv
CVE-2018-6544 | P4 | MEDIUM | CVSS 5.5 | CWE-674 | v1.12.0 | 2018-02-02
pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document.
nvd, osv
CVE-2018-1000037 | P4 | MEDIUM | CVSS 5.5 | CWE-20 | ≤ 1.12.0 | 2018-05-24
In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file.
nvd, osv
CVE-2019-6131 | P4 | MEDIUM | CVSS 5.5 | CWE-674 | v1.14.0 | 2019-01-11
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.
nvd, osv
CVE-2018-1000040 | P4 | MEDIUM | CVSS 5.5 | CWE-20 | ≤ 1.12.0 | 2018-05-24
In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.
nvd, osv
CVE-2018-16648 | P4 | MEDIUM | CVSS 5.5 | CWE-129 | v1.13.0 | 2018-09-06
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.
nvd, osv
CVE-2018-19881 | P4 | MEDIUM | CVSS 5.5 | CWE-400 | v1.14.0 | 2018-12-06
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.
nvd, osv
CVE-2019-6130 | P4 | MEDIUM | CVSS 5.5 | CWE-118 | v1.14.0 | 2019-01-11
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
nvd, osv
CVE-2018-16647 | P4 | MEDIUM | CVSS 5.5 | CWE-119 | v1.13.0 | 2018-09-06
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
nvd, osv
CVE-2021-4216 | P4 | MEDIUM | CVSS 5.5 | CWE-369 | fixed in 1.20.0 | Fixed in v1.20.0-rc1 | 2022-08-26
A Floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream.
nvd, osv
CVE-2018-6192 | P4 | MEDIUM | CVSS 5.5 | CWE-119 | v1.12.0 | 2018-01-24
In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.
nvd, osv
CVE-2018-5686 | P4 | MEDIUM | CVSS 5.5 | CWE-835 | v1.12.0 | 2018-01-14
In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
nvd, osv
CVE-2016-8674 | P4 | MEDIUM | CVSS 5.5 | CWE-416 | ≤ 1.9a | 2017-02-15
The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file.
nvd, osv