| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-13290 | 6.8 |
Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the a
|
30-08-2020 - 00:15 | 04-07-2019 - 22:15 | |
| CVE-2019-6130 | 4.3 |
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
|
26-07-2020 - 00:15 | 11-01-2019 - 05:29 | |
| CVE-2018-16647 | 4.3 |
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.
|
26-07-2020 - 00:15 | 06-09-2018 - 23:29 | |
| CVE-2018-18662 | 4.3 |
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
|
26-07-2020 - 00:15 | 26-10-2018 - 14:29 | |
| CVE-2018-16648 | 4.3 |
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow.
|
26-07-2020 - 00:15 | 06-09-2018 - 23:29 |