Search CVE reports


Toggle filters

31 – 40 of 68 results


CVE-2018-16647

Medium priority

Some fixes available 1 of 10

In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.

1 affected package

mupdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mupdf Not affected Not affected Not affected Fixed
Show less packages

CVE-2018-1000040

Low priority
Vulnerable

In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.

1 affected package

mupdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mupdf Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2018-1000039

Medium priority
Needs evaluation

In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.

1 affected package

mupdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mupdf Not affected Not affected Not affected Needs evaluation
Show less packages

CVE-2018-1000038

Medium priority
Needs evaluation

In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.

1 affected package

mupdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mupdf Not affected Not affected Not affected Needs evaluation
Show less packages

CVE-2018-1000037

Low priority
Vulnerable

In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file.

1 affected package

mupdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mupdf Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2018-1000036

Low priority

Some fixes available 1 of 11

In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.

1 affected package

mupdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mupdf Not affected Not affected Not affected Fixed
Show less packages

CVE-2016-8729

Medium priority

Some fixes available 2 of 4

An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential...

2 affected packages

jbig2dec, mupdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
jbig2dec Not affected Not affected
mupdf Not affected Not affected
Show less packages

CVE-2016-8728

Medium priority
Ignored

An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process...

1 affected package

mupdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mupdf Not affected
Show less packages

CVE-2018-10289

Medium priority

Some fixes available 1 of 12

In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file.

1 affected package

mupdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mupdf Not affected Not affected Not affected Fixed
Show less packages

CVE-2018-1000051

Medium priority
Vulnerable

Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.

1 affected package

mupdf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mupdf Not affected Not affected Not affected Not affected
Show less packages