Lucene search
K

1350 matches found

OSV
OSV
added 2026/06/30 11:34 a.m.3 views

OPENSUSE-SU-2026:21180-1 Security update for mupdf

This update for mupdf fixes the following issues: Changes in mupdf: - Build and ship MuPDF as a shared library make shared=yes instead of static-only: New subpackage libmupdf272 carries libmupdf.so.27.2 the SONAME tracks the upstream minor.patch version. Replaced the static-only mupdf-devel-stati...

7.5CVSS6AI score0.00477EPSS
Exploits1References5
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in mupdf

A integer overflow vulnerability exists in the 'pdf-image.c' file in Artifex’s MuPDF version 1.27.0. This vulnerability allows an attacker to create a PDF that can trigger an integer overflow within the 'pdfloadimageimp' function. This enables a heap out-of-bounds write, which could be exploited...

7.8CVSS6.4AI score0.00213EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-71382

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of...

7.1CVSS6.1AI score0.00316EPSS
Exploits1References3
NVD
NVD
added 2026/06/23 6:17 p.m.6 views

CVE-2025-71382

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS0.00316EPSS
Exploits1References4
OSV
OSV
added 2026/06/23 6:17 p.m.3 views

UBUNTU-CVE-2025-71382

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS6AI score0.00316EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/23 5:21 p.m.34 views

CVE-2025-71382 MuPDF < 1.27.0-rc1 Stack Exhaustion DoS via EPUB CSS Rendering

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS0.00316EPSS
Exploits1References4
EUVD
EUVD
added 2026/06/23 5:21 p.m.5 views

EUVD-2025-210322

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS6AI score0.00316EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:21 p.m.4 views

CVE-2025-71382

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS6AI score0.00316EPSS
Exploits1References5
CVE
CVE
added 2026/06/23 5:21 p.m.11 views

CVE-2025-71382

MuPDF prior to 1.27.0-rc1 is affected by an uncontrolled recursion in the EPUB CSS rendering engine. The function value_from_inheritable_property() in css-apply.c recurses through the CSS property inheritance chain without a depth limit, enabling remote attackers to trigger a denial of service by...

7.1CVSS6AI score0.00316EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.8 views

PT-2026-51571

Name of the Vulnerable Software and Affected Versions MuPDF versions prior to 1.27.0-rc1 Description The EPUB CSS rendering engine contains an uncontrolled recursion issue. A remote attacker can trigger a denial of service by providing a specially crafted EPUB file featuring inline CSS styles and...

7.1CVSS5.8AI score0.00316EPSS
Exploits1References7
Rosalinux
Rosalinux
added 2026/06/01 11:12 a.m.12 views

Advisory ROSA-SA-2026-3304

Software: mupdf 1.26.10 Operating System: ROSA-CHROME Unaffected versions: = mupdf-1.26.10-2 Affected versions: mupdf-1.26.10-2 CVE-ID: CVE-2026-25556 BDU-ID: None CVE-Crit: HIGH CVE-DESCRIPTION: A vulnerability related to double-freeing memory exists in MuPDF versions from 1.23.0 to 1.27.0. This...

7.5CVSS5.8AI score0.00477EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2026/04/30 2:29 a.m.5 views

SUSE CVE-2026-7233

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

6.1CVSS4.1AI score0.00238EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-7233

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component...

6.1CVSS5.4AI score0.00238EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/04/28 9:19 a.m.5 views

CVE-2026-7233

A flaw was found in Artifex MuPDF, specifically within its CFF Index Handler component. A local user could exploit an out-of-bounds read vulnerability in the fzsubsetcffforgids function. This could allow an attacker to read sensitive information from memory, potentially leading to information...

6.1CVSS5.2AI score0.00238EPSS
Exploits1References9
NVD
NVD
added 2026/04/28 7:16 a.m.7 views

CVE-2026-7233

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

6.1CVSS0.00238EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2026/04/28 7:16 a.m.6 views

CVE-2026-7233

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

6.1CVSS5.4AI score0.00238EPSS
Exploits1References2
OSV
OSV
added 2026/04/28 7:16 a.m.6 views

UBUNTU-CVE-2026-7233

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

6.1CVSS5.3AI score0.00238EPSS
Exploits1References3
CVE
CVE
added 2026/04/28 6:0 a.m.26 views

CVE-2026-7233

Technical details about CVE-2026-7233 are not publicly available in the provided documents; monitor for updates.

6.1CVSS4.4AI score0.00238EPSS
Exploits1References6Affected Software1
EUVD
EUVD
added 2026/04/28 6:0 a.m.8 views

EUVD-2026-26000

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

4.8CVSS5AI score0.00238EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/04/28 6:0 a.m.35 views

CVE-2026-7233 Artifex MuPDF CFF Index subset-cff.c fz_subset_cff_for_gids out-of-bounds

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

4.8CVSS0.00238EPSS
Exploits1References6
Rows per page
Query Builder