CVE-2025-55780

🗓️ 23 Sep 2025 18:15:34Reported by Alpine Linux Development TeamType

alpinelinux

alpinelinux🔗 security.alpinelinux.org👁 3 Views

MuPDF 1.26.4 has a null pointer dereference in break_word_for_overflow_wrap with malformed EPUB.

Reporter	Title	Published	Views	Family All 27
Circl	CVE-2025-55780	25 Sep 202504:38	–	circl
CNNVD	MuPDF 安全漏洞	23 Sep 202500:00	–	cnnvd
CVE	CVE-2025-55780	23 Sep 202500:00	–	cve
Cvelist	CVE-2025-55780	23 Sep 202500:00	–	cvelist
Debian CVE	CVE-2025-55780	23 Sep 202500:00	–	debiancve
EUVD	EUVD-2025-30899	3 Oct 202520:07	–	euvd
Fedora	[SECURITY] Fedora 42 Update: mupdf-1.26.3-4.fc42	4 Oct 202500:53	–	fedora
Fedora	[SECURITY] Fedora 41 Update: mupdf-1.25.4-3.fc41	4 Oct 202501:06	–	fedora
Tenable Nessus	Fedora 41 : mupdf (2025-4651fb3c55)	4 Oct 202500:00	–	nessus
Tenable Nessus	Fedora 42 : mupdf (2025-562364d434)	3 Oct 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Alpine	edge-community	noarch	mupdf	1.24.10-r0	UNKNOWN
Alpine	edge-community	noarch	mupdf	1.25.1-r0	UNKNOWN
Alpine	edge-community	noarch	mupdf	1.25.2-r0	UNKNOWN
Alpine	edge-community	noarch	mupdf	1.25.2-r1	UNKNOWN
Alpine	edge-community	noarch	mupdf	1.25.3-r0	UNKNOWN
Alpine	edge-community	noarch	mupdf	1.25.4-r0	UNKNOWN
Alpine	edge-community	noarch	mupdf	1.25.5-r0	UNKNOWN
Alpine	edge-community	noarch	mupdf	1.25.6-r0	UNKNOWN
Alpine	edge-community	noarch	mupdf	1.25.6-r1	UNKNOWN
Alpine	edge-community	noarch	mupdf	1.25.6-r2	UNKNOWN

Source	Link
bugs	www.bugs.ghostscript.com/show_bug.cgi
cgit	www.cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/
github	www.github.com/ISH2YU/CVE-2025-55780/tree/main

08 Oct 2025 18:04Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.17.5

EPSS0.00066

SSVC

muPDF null pointer overflow wrap html split flow malformed EPUB