Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-71382

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of...

7.1CVSS6.1AI score0.00316EPSS
Exploits1References3
OSV
OSV
added 2026/06/23 6:17 p.m.2 views

DEBIAN-CVE-2025-71382

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

6.5CVSS5.8AI score0.00316EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:21 p.m.4 views

CVE-2025-71382

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS6AI score0.00316EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/09/29 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-55780

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function...

7.5CVSS6AI score0.00399EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/09/23 12:0 a.m.3 views

CVE-2025-55780

A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fzhtmlsplitflow to split a FLOWWORD node, but does not check if node-next is valid before accessing node-next-overflowwrap, resulti...

6.3AI score0.00399EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/23 12:0 a.m.12 views

CVE-2025-55780

A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fzhtmlsplitflow to split a FLOWWORD node, but does not check if node-next is valid before accessing node-next-overflowwrap, resulti...

0.00399EPSS
Exploits0References3
CVE
CVE
added 2025/09/23 12:0 a.m.34 views

CVE-2025-55780

CVE-2025-55780 describes a null pointer dereference in MuPDF 1.26.4 when rendering malformed EPUBs. The crash arises in break_word_for_overflow_wrap() after calling fz_html_split_flow() if node->next is invalid and is dereferenced as node->next->overflow_wrap, potentially allowing an att...

7.5CVSS6.3AI score0.00399EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder