VYPR

MuPDF

by Artifex

CVEs (64)

  • CVE-2016-6525 | Critical | Sep 22, 2016
    risk 0.64 | cvss 9.8 | epss 0.04

    Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array.

  • CVE-2017-6060 | High | Mar 15, 2017
    risk 0.54 | cvss 7.8 | epss 0.07

    Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image.

  • CVE-2017-5991 | High | Feb 15, 2017
    risk 0.53 | cvss 7.5 | epss 0.15

    An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected.

  • CVE-2018-1000038 | High | May 24, 2018
    risk 0.51 | cvss 7.8 | epss 0.02

    In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.

  • CVE-2016-8729 | High | Apr 24, 2018
    risk 0.51 | cvss 7.8 | epss 0.02

    An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and…

  • CVE-2016-8728 | High | Apr 24, 2018
    risk 0.51 | cvss 7.8 | epss 0.02

    An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause an out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code…

  • CVE-2018-1000051 | High | Feb 9, 2018
    risk 0.51 | cvss 7.8 | epss 0.02

    Artifex MuPDF version 1.12.0 contains a use-after-free vulnerability in fz_keep_key_storable that can result in DoS or possible code execution. This attack appears to be exploitable when a victim opens a specially crafted PDF.

  • CVE-2017-17858 | High | Jan 22, 2018
    risk 0.51 | cvss 7.8 | epss 0.03

    Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted.

  • CVE-2017-17866 | High | Dec 27, 2017
    risk 0.51 | cvss 7.8 | epss 0.02

    pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact…

  • CVE-2017-15587 | High | Oct 18, 2017
    risk 0.51 | cvss 7.8 | epss 0.01

    An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11.

  • CVE-2017-15369 | High | Oct 16, 2017
    risk 0.51 | cvss 7.8 | epss 0.01

    The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or…

  • CVE-2017-14687 | High | Sep 22, 2017
    risk 0.51 | cvss 7.8 | epss 0.01

    Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. This occurs because of…

  • CVE-2017-14686 | High | Sep 22, 2017
    risk 0.51 | cvss 7.8 | epss 0.02

    Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because read_zip_dir_imp in…

  • CVE-2017-14685 | High | Sep 22, 2017
    risk 0.51 | cvss 7.8 | epss 0.01

    Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because…

  • CVE-2025-15569 | High | Feb 10, 2026
    risk 0.46 | cvss 7.0 | epss 0.00

    A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the function get_system_dpi of the file platform/x11/win_main.c. This manipulation causes uncontrolled search path. The attack requires local access. The attack is considered to have high…

  • CVE-2026-3308 | High | Mar 31, 2026
    risk 0.44 | cvss 7.8 | epss 0.00

    An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF version 1.27.0 allows an attacker to maliciously craft a PDF that can trigger an integer overflow within the 'pdf_load_image_imp' function. This allows a heap out-of-bounds write that could be exploited for…

  • CVE-2018-1000039 | Medium | May 24, 2018
    risk 0.41 | cvss 6.3 | epss 0.02

    In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.

  • CVE-2018-16648 | Medium | Sep 6, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.

  • CVE-2018-16647 | Medium | Sep 6, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.

  • CVE-2018-1000040 | Medium | May 24, 2018
    risk 0.36 | cvss 5.5 | epss 0.01

    In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.

Page 1 of 4