Unrated severityOSV Advisory· Published Dec 6, 2018· Updated Sep 16, 2024
CVE-2018-19881
CVE-2018-19881
Description
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
5- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/mitrevendor-advisory
- bugs.ghostscript.com/show_bug.cgimitre
- cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/mitre
- github.com/TeamSeri0us/pocs/tree/master/mupdf/20181203mitre
News mentions
0No linked articles in our index yet.