VYPR

Mupdf

by Artifex

Source repositories

CVEs (64)

  • CVE-2018-1000037MedMay 24, 2018
    risk 0.36cvss 5.5epss 0.02

    In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file.

  • CVE-2018-1000036MedMay 24, 2018
    risk 0.36cvss 5.5epss 0.01

    In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.

  • CVE-2018-6544MedFeb 2, 2018
    risk 0.36cvss 5.5epss 0.02

    pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document.

  • CVE-2018-6192MedJan 24, 2018
    risk 0.36cvss 5.5epss 0.02

    In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.

  • CVE-2018-6187MedJan 24, 2018
    risk 0.36cvss 5.5epss 0.02

    In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file.

  • CVE-2016-10247MedMar 16, 2017
    risk 0.36cvss 5.5epss 0.02

    Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.

  • CVE-2016-10246MedMar 16, 2017
    risk 0.36cvss 5.5epss 0.02

    Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.

  • CVE-2016-8674MedFeb 15, 2017
    risk 0.36cvss 5.5epss 0.01

    The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file.

  • CVE-2017-5896MedFeb 15, 2017
    risk 0.36cvss 5.5epss 0.02

    Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image.

  • CVE-2017-7264MedMar 26, 2017
    risk 0.35cvss 5.3epss 0.01

    Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.

  • CVE-2016-10221MedApr 3, 2017
    risk 0.28cvss 4.3epss 0.01

    The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted PDF document.

  • CVE-2026-7233LowApr 28, 2026
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fz_subset_cff_for_gids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The…

  • CVE-2026-40505LowApr 16, 2026
    risk 0.14cvss 3.3epss 0.00

    MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata fields. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to terminal…

  • CVE-2014-2013Mar 3, 2014
    risk 0.04cvss epss 0.15

    Stack-based buffer overflow in the xps_parse_color function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element.

  • CVE-2012-5340Jan 23, 2020
    risk 0.03cvss epss 0.06

    SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.

  • CVE-2025-71382Jun 23, 2026
    risk 0.00cvss epss 0.00

    MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function…

  • CVE-2026-25556Feb 6, 2026
    risk 0.00cvss epss 0.00

    MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_display_list() when an exception occurs during display list rendering. The function accepts a caller-owned fz_pixmap pointer but incorrectly drops the pixmap in its error handling…

  • CVE-2025-55780Sep 23, 2025
    risk 0.00cvss epss 0.00

    A null pointer dereference occurs in the function break_word_for_overflow_wrap() in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fz_html_split_flow() to split a FLOW_WORD node, but does not check if node->next is valid before accessing…

  • CVE-2025-46206Aug 4, 2025
    risk 0.00cvss epss 0.00

    An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via an infinite recursion in the `mutool clean` utility. When processing a crafted PDF file containing cyclic /Next references in the outline structure, the `strip_outline()` function…

  • CVE-2024-46657Dec 10, 2024
    risk 0.00cvss epss 0.00

    Artifex Software mupdf v1.24.9 was discovered to contain a segmentation fault via the component /tools/pdfextract.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.