MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.
Max CVSS
5.5
EPSS Score
0.12%
Published
2021-07-21
Updated
2021-11-28
A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.
Max CVSS
5.5
EPSS Score
0.11%
Published
2021-02-23
Updated
2023-02-12
Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.
Max CVSS
5.5
EPSS Score
0.10%
Published
2021-07-21
Updated
2021-12-14
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!