CVE-2026-3308 CVE-2026-3308

An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF version 1.27.0 allows an attacker to maliciously craft a PDF that can trigger an integer overflow within the 'pdfloadimageimp' function. This allows a heap out-of-bounds write that could be exploited for arbitrary code executio...

OPENSUSE-SU-2026:10214-1 mupdf-1.27.1-1.1 on GA media

These are all security issues fixed in the mupdf-1.27.1-1.1 package on the GA media of openSUSE Tumbleweed...

Linux Distros Unpatched Vulnerability : CVE-2018-16648

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Artifex MuPDF 1.13.0, the fzappendbyte function in fitz/buffer.c allows remote attackers to cause a denial of service segmentation fault via a crafted pdf...

Linux Distros Unpatched Vulnerability : CVE-2019-6130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Artifex MuPDF 1.14.0 has a SEGV in the function fzloadpage of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in...

Linux Distros Unpatched Vulnerability : CVE-2017-17858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the ensuresolidxref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary...

Linux Distros Unpatched Vulnerability : CVE-2020-16600

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF library 1.17.0-rc1 and earlier when a valid page was followed by a page with invalid pixma...

Linux Distros Unpatched Vulnerability : CVE-2017-6060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer overflow in jstestmain.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted...

Linux Distros Unpatched Vulnerability : CVE-2018-18662

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an out-of-bounds read in fzrunt3glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool. CVE-2018-18662 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2018-6192

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Artifex MuPDF 1.12.0, the pdfreadnewxref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service segmentation violation and applicati...

Linux Distros Unpatched Vulnerability : CVE-2023-51107

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A floating point exception divide-by-zero vulnerability was discovered in Artifex MuPDF 1.23.4 in functon computecolor of jquant2.c. NOTE: this is disputed by t...

PT-2024-32098 · Artifex +1 · Mupdf +1

Name of the Vulnerable Software and Affected Versions: Artifex Software mupdf version 1.24.9 Description: A segmentation fault was discovered in the /tools/pdfextract.c component, allowing attackers to cause a Denial of Service DoS via a crafted PDF file. The issue is related to the pdfextract.c...

CVE-2024-46657

Artifex Software mupdf v1.24.9 was discovered to contain a segmentation fault via the component /tools/pdfextract.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted PDF file...

SUSE CVE-2018-16648

In Artifex MuPDF 1.13.0, the fzappendbyte function in fitz/buffer.c allows remote attackers to cause a denial of service segmentation fault via a crafted pdf file. This is caused by a pdf/pdf-device.c pdfdevalpha array-index underflow...

SUSE CVE-2018-16647

In Artifex MuPDF 1.13.0, the pdfgetxrefentry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service segmentation fault in fzwritedata in fitz/output.c via a crafted pdf file...

CVE-2021-37220

MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input...

MuPDF Memory Disclosure Vulnerability

Artifex MuPDF is the United States Artifex Software, Inc. of a free, lightweight PDF reader. PDF parser is one of the PDF parser. Artifex MuPDF 1.12.0 and previous versions of the PDF parser has a security vulnerability. An attacker can exploit this vulnerability to cause a denial of service memo...

Stack overflow

In MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdflookupcmapfull in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file...

Design/Logic Flaw

In MuPDF 1.13.0, there is an infinite loop in the fzskipspace function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file...

CVE-2018-1000051

Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fzkeepkeystorable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF...

Artifex MuPDF Denial of Service Vulnerability (CNVD-2018-03090)

Artifex MuPDF is a free, lightweight PDF reader from Artifex Software. A security vulnerability exists in the 'pdfreadnewxref' function in the pdf/pdf-xref.c file in Artifex MuPDF version 1.12.0. A remote attacker can exploit this vulnerability to cause a denial of service application crash with...