14 matches found
EUVD-2025-30899
Malicious code in bioql PyPI...
SUSE CVE-2025-55780
A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fzhtmlsplitflow to split a FLOWWORD node, but does not check if node-next is valid before accessing node-next-overflowwrap, resulti...
NULL Pointer Dereference
Overview PyMuPDF is an A high performance Python library for data extraction, analysis, conversion & manipulation of PDF and other documents. Affected versions of this package are vulnerable to NULL Pointer Dereference via the breakwordforoverflowwrap function when rendering a malformed EPUB...
CVE-2025-55780
A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fzhtmlsplitflow to split a FLOWWORD node, but does not check if node-next is valid before accessing node-next-overflowwrap, resulti...
CVE-2025-55780
A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fzhtmlsplitflow to split a FLOWWORD node, but does not check if node-next is valid before accessing node-next-overflowwrap, resulti...
DEBIAN-CVE-2025-55780
A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fzhtmlsplitflow to split a FLOWWORD node, but does not check if node-next is valid before accessing node-next-overflowwrap, resulti...
CVE-2025-55780
A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fzhtmlsplitflow to split a FLOWWORD node, but does not check if node-next is valid before accessing node-next-overflowwrap, resulti...
UBUNTU-CVE-2025-55780
A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fzhtmlsplitflow to split a FLOWWORD node, but does not check if node-next is valid before accessing node-next-overflowwrap, resulti...
CVE-2025-55780
A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fzhtmlsplitflow to split a FLOWWORD node, but does not check if node-next is valid before accessing node-next-overflowwrap, resulti...
PT-2025-39197
Name of the Vulnerable Software and Affected Versions MuPDF version 1.26.4 Description A flaw exists in MuPDF where a null pointer dereference can occur within the break word for overflow wrap function when processing a malformed EPUB document. This happens because the function calls fz html spli...
CVE-2025-55780
A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fzhtmlsplitflow to split a FLOWWORD node, but does not check if node-next is valid before accessing node-next-overflowwrap, resulti...
CVE-2025-55780
A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fzhtmlsplitflow to split a FLOWWORD node, but does not check if node-next is valid before accessing node-next-overflowwrap, resulti...
CVE-2025-55780
CVE-2025-55780 describes a null pointer dereference in MuPDF 1.26.4 when rendering malformed EPUBs. The crash arises in break_word_for_overflow_wrap() after calling fz_html_split_flow() if node->next is invalid and is dereferenced as node->next->overflow_wrap, potentially allowing an att...
Adobe Animate Integer Overflow or Wrap Around Vulnerability
Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate suffers from an integer overflow or wrap-around vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...