5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
44.7%
mupdf is vulnerable to denial of service (DoS). Double free of object during linearization may lead to memory corruption and other potential consequences.
git.ghostscript.com/?p=mupdf.git;h=cee7cefc610d42fd383b3c80c12cbc675443176a
lists.debian.org/debian-lts-announce/2021/03/msg00012.html
lists.fedoraproject.org/archives/list/[email protected]/message/LCADE3VSPWCGTE5BV4KL273R5VK3GDKM/
lists.fedoraproject.org/archives/list/[email protected]/message/M44PNYCBL33OD7GC75XNE6CDS4VSGVWO/
lists.fedoraproject.org/archives/list/[email protected]/message/ZLC6MPH7YS6JPU427XOFRLF3KKZQUZJN/
security-tracker.debian.org/tracker/CVE-2021-3407
security.gentoo.org/glsa/202105-30
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
44.7%