UBUNTU-CVE-2020-21896

A Use After Free vulnerability in svgdevtextspanaspathsdefs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file...

Missing Release of Memory after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime through the /pdf/pdf-font-add.c component. An attacker can obtain sensitive information by exploiting a memory leak issue. Remediation Upgrade mupdf to version 1.18.0 or higher...

CVE-2020-26683

A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information...

PT-2023-11754 · Artifex +1 · Mupdf +1

Name of the Vulnerable Software and Affected Versions: Artifex Software MuPDF version 1.17.0 Description: A memory leak issue in the /pdf/pdf-font-add.c file allows attackers to obtain sensitive information. Recommendations: For Artifex Software MuPDF version 1.17.0, at the moment, there is no...

CVE-2020-21896

A Use After Free vulnerability in svgdevtextspanaspathsdefs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file...

Artifex Software MuPDF 安全漏洞

Artifex Software MuPDF is a free and lightweight PDF reader from Artifex Software, USA. A security vulnerability exists in Artifex Software MuPDF version 1.17.0, which originates from a memory leak in /pdf/pdf-font-add.c. The vulnerability is caused by the presence of a memory leak in the...

CVE-2020-26683

A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information...

CVE-2020-21896

A Use After Free vulnerability in svgdevtextspanaspathsdefs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file...

CVE-2020-26683

CVE-2020-26683 : A memory leak vulnerability in MuPDF 1.17.0, specifically in /pdf/pdf-font-add.c, could allow an attacker to obtain sensitive information. The issue is documented across multiple advisories (MuPDF/Ubuntu OSS/OSV entries). Public details in the provided sources do not include a co...

PT-2023-11607 · Artifex +1 · Mupdf +1

Name of the Vulnerable Software and Affected Versions: Artifex Software MuPDF version 1.16.0 Description: A Use After Free vulnerability in the svg dev text span as paths defs function in source/fitz/svg-device.c allows remote attackers to cause a denial of service via the opening of a crafted PD...

CVE-2020-21896

CVE-2020-21896 affects MuPDF, specifically the use-after-free in svg_dev_text_span_as_paths_defs within source/fitz/svg-device.c for MuPDF 1.16.0. The vulnerability could allow a remote attacker to cause a denial of service by opening a crafted PDF file. Several advisories document vendor patches...

CVE-2020-21896

A Use After Free vulnerability in svgdevtextspanaspathsdefs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file...

CVE-2020-26683

A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information...

Debian: Security Advisory (DLA-1164-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-589-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2014-2013

Stack-based buffer overflow in the xpsparsecolor function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element...

SUSE CVE-2016-6265

Use-after-free vulnerability in the pdfloadxref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service crash via a crafted PDF file...

SUSE CVE-2016-8674

The pdftonum function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted file...

SUSE CVE-2016-8729

An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to...

SUSE CVE-2016-8728

An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs ...