Artifex Software Inc Mupdf vulnerabilities
3 known vulnerabilities affecting artifex_software_inc/mupdf.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2LOW1
Vulnerabilities
Page 1 of 1
CVE-2016-8728P3HIGHCVSS 7.8v1.10-rc12018-04-24
CVE-2016-8728 [HIGH] CWE-787 CVE-2016-8728: An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of t
An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs to open the specially crafted file in a vulnerable reader
nvd
CVE-2016-8729P3HIGHCVSS 7.8v1.9v1.10 RC22018-04-24
CVE-2016-8729 [HIGH] CWE-119 CVE-2016-8729: An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A sp
An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to trigger this vulnerability.
nvd
CVE-2026-40505P4LOWCVSS 3.3fixed in 1.27.0v0f17d789fe8c29b41e47663be82514aaca3a4dfb2026-04-16
CVE-2026-40505 [LOW] CWE-150 CVE-2026-40505: MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject
MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata fields. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to terminal output when running mutool info, enabling them to manipulate terminal display fo
nvd