Artifex Mupdf
By the Year
In 2023 there have been 0 vulnerabilities in Artifex Mupdf . Last year Mupdf had 1 security vulnerability published. Right now, Mupdf is on track to have less security vulnerabilities in 2023 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 0 | 0.00 |
| 2022 | 1 | 5.50 |
| 2021 | 3 | 5.50 |
| 2020 | 2 | 6.65 |
| 2019 | 5 | 7.14 |
| 2018 | 19 | 6.11 |
It may take a day or so for new Mupdf vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Artifex Mupdf Security Vulnerabilities
A Floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c
CVE-2021-4216
5.5 - Medium
- August 26, 2022
A Floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream.
Divide By Zero
MuPDF through 1.18.1 has an out-of-bounds write
CVE-2021-37220
5.5 - Medium
- July 21, 2021
MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.
Memory Corruption
Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files
CVE-2020-19609
5.5 - Medium
- July 21, 2021
Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.
Memory Corruption
A flaw was found in mupdf 1.18.0
CVE-2021-3407
5.5 - Medium
- February 23, 2021
A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.
Double-free
A Use After Free vulnerability exists in Artifex Software, Inc
CVE-2020-16600
7.8 - High
- December 09, 2020
A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF library 1.17.0-rc1 and earlier when a valid page was followed by a page with invalid pixmap dimensions, causing bander - a static - to point to previously freed memory instead of a newband_writer.
Dangling pointer
Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files
CVE-2020-26519
5.5 - Medium
- October 02, 2020
Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.
Memory Corruption
Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c
CVE-2019-14975
7.1 - High
- August 14, 2019
Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string.
Out-of-bounds Read
Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c
CVE-2019-13290
7.8 - High
- July 04, 2019
Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node.
Memory Corruption
Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability
CVE-2019-7321
9.8 - Critical
- June 13, 2019
Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code.
Memory Corruption
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol
CVE-2019-6131
5.5 - Medium
- January 11, 2019
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.
Stack Exhaustion
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool
CVE-2019-6130
5.5 - Medium
- January 11, 2019
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
Range Error
In Artifex MuPDF 1.14.0, svg/svg-run.c
CVE-2018-19881
5.5 - Medium
- December 06, 2018
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.
Resource Exhaustion
In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c
CVE-2018-19882
5.5 - Medium
- December 06, 2018
In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl.
NULL Pointer Dereference
In Artifex MuPDF 1.14.0
CVE-2018-19777
5.5 - Medium
- November 30, 2018
In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.
Infinite Loop
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0
CVE-2018-18662
5.5 - Medium
- October 26, 2018
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
Out-of-bounds Read
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c
CVE-2018-16648
5.5 - Medium
- September 06, 2018
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.
out-of-bounds array index
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c
CVE-2018-16647
5.5 - Medium
- September 06, 2018
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
Buffer Overflow
In MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser
CVE-2018-1000036
5.5 - Medium
- May 24, 2018
In MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.
Missing Release of Resource after Effective Lifetime
In MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser
CVE-2018-1000037
5.5 - Medium
- May 24, 2018
In MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file.
Improper Input Validation
In MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could
CVE-2018-1000038
7.8 - High
- May 24, 2018
In MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.
Memory Corruption
In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could
CVE-2018-1000039
7.8 - High
- May 24, 2018
In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.
Dangling pointer
In MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could
CVE-2018-1000040
5.5 - Medium
- May 24, 2018
In MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.
Improper Input Validation
An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer
CVE-2016-8728
7.8 - High
- April 24, 2018
An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs to open the specially crafted file in a vulnerable reader in order to trigger this vulnerability.
Memory Corruption
An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9
CVE-2016-8729
7.8 - High
- April 24, 2018
An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to trigger this vulnerability.
Buffer Overflow
In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file
CVE-2018-10289
5.5 - Medium
- April 22, 2018
In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file.
Infinite Loop
Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable
CVE-2018-1000051
7.8 - High
- February 09, 2018
Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.
Dangling pointer
pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which
CVE-2018-6544
5.5 - Medium
- February 02, 2018
pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document.
Stack Exhaustion
In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c
CVE-2018-6192
5.5 - Medium
- January 24, 2018
In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.
Buffer Overflow
In Artifex MuPDF 1.12.0
CVE-2018-6187
5.5 - Medium
- January 24, 2018
In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file.
Memory Corruption
In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c)
CVE-2018-5686
5.5 - Medium
- January 14, 2018
In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
Infinite Loop
Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc
CVE-2016-10247
5.5 - Medium
- March 16, 2017
Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
Memory Corruption
Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc
CVE-2016-10246
5.5 - Medium
- March 16, 2017
Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
Memory Corruption
Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc
CVE-2017-6060
7.8 - High
- March 15, 2017
Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image.
Memory Corruption
An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465
CVE-2017-5991
7.5 - High
- February 15, 2017
An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected.
NULL Pointer Dereference
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Debian Linux or by Artifex? Click the Watch button to subscribe.
