Patching for Windows Mac Linux
CVE Vulnerabilities for mutool
| CVE | Published | Severity | Details | Exploitability | Impact | Vector |
|---|---|---|---|---|---|---|
| CVE‑2023‑51107 | 2023‑12‑26 15:15:09 | HIGH (8) | A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in functon compute_color() of jquant2.c. NOTE: this is disputed by the supplier because there was not reasonable evidence to determine the existence of a vulnerability or identify the affected product. | 4 | 4 | NETWORK |
| CVE‑2023‑51105 | 2023‑12‑26 15:15:09 | HIGH (8) | A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function bmp_decompress_rle4() of load-bmp.c. | 4 | 4 | NETWORK |
| CVE‑2023‑51104 | 2023‑12‑26 15:15:09 | HIGH (8) | A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function pnm_binary_read_image() of load-pnm.c when span equals zero. | 4 | 4 | NETWORK |
| CVE‑2023‑51103 | 2023‑12‑26 15:15:09 | HIGH (8) | A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in the function fz_new_pixmap_from_float_data() of pixmap.c. | 4 | 4 | NETWORK |
| CVE‑2020‑26683 | 2023‑08‑22 19:16:20 | MEDIUM (6) | A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information. | 2 | 4 | LOCAL |
| CVE‑2020‑26519 | 2020‑10‑02 06:15:12 | MEDIUM (6) | Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service. | 2 | 4 | LOCAL |
| CVE‑2020‑21896 | 2023‑08‑22 19:16:19 | MEDIUM (6) | A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file. | 2 | 4 | LOCAL |
| CVE‑2020‑19609 | 2021‑07‑21 15:15:13 | MEDIUM (6) | Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service. | 2 | 4 | LOCAL |
| CVE‑2020‑16600 | 2020‑12‑09 21:15:15 | HIGH (8) | A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF library 1.17.0-rc1 and earlier when a valid page was followed by a page with invalid pixmap dimensions, causing bander - a static - to point to previously freed memory instead of a newband_writer. | 2 | 6 | LOCAL |
| CVE‑2019‑7321 | 2019‑06‑13 18:29:01 | HIGH (8) | Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code. | 0 | 0 | NETWORK |
| CVE‑2019‑6131 | 2019‑01‑11 05:29:02 | MEDIUM (4) | svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool. | 0 | 0 | NETWORK |
| CVE‑2019‑6130 | 2019‑01‑11 05:29:02 | MEDIUM (4) | Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c. | 0 | 0 | NETWORK |
| CVE‑2019‑14975 | 2019‑08‑14 13:15:11 | MEDIUM (6) | Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string. | 0 | 0 | NETWORK |
| CVE‑2019‑13290 | 2019‑07‑04 22:15:11 | MEDIUM (7) | Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display list node. | 0 | 0 | NETWORK |
| CVE‑2018‑6544 | 2018‑02‑02 09:29:01 | MEDIUM (4) | pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document. | 0 | 0 | NETWORK |
| CVE‑2018‑6192 | 2018‑01‑24 21:29:00 | MEDIUM (4) | In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file. | 0 | 0 | NETWORK |
| CVE‑2018‑6187 | 2018‑01‑24 10:29:01 | MEDIUM (4) | In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file. | 0 | 0 | NETWORK |
| CVE‑2018‑19882 | 2018‑12‑06 00:29:00 | MEDIUM (4) | In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl. | 0 | 0 | NETWORK |
| CVE‑2018‑19881 | 2018‑12‑06 00:29:00 | MEDIUM (4) | In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl. | 0 | 0 | NETWORK |
| CVE‑2018‑19777 | 2018‑11‑30 10:29:00 | MEDIUM (4) | In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool. | 0 | 0 | NETWORK |
| CVE‑2018‑18662 | 2018‑10‑26 14:29:03 | MEDIUM (4) | There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool. | 0 | 0 | NETWORK |
| CVE‑2018‑16648 | 2018‑09‑06 23:29:02 | MEDIUM (4) | In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow. | 0 | 0 | NETWORK |
| CVE‑2018‑16647 | 2018‑09‑06 23:29:02 | MEDIUM (4) | In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file. | 0 | 0 | NETWORK |
| CVE‑2018‑100005 | 2018‑02‑09 23:29:02 | MEDIUM (7) | Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF. | 0 | 0 | NETWORK |
| CVE‑2018‑100004 | 2018‑05‑24 13:29:01 | MEDIUM (4) | In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file. | 0 | 0 | NETWORK |
| CVE‑2018‑100003 | 2018‑05‑24 13:29:01 | MEDIUM (6) | In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file. | 3 | 3 | NETWORK |
| CVE‑2017‑7264 | 2017‑03‑26 05:59:00 | MEDIUM (5) | Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document. | 4 | 1 | NETWORK |
| CVE‑2017‑6060 | 2017‑03‑15 14:59:01 | HIGH (8) | Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image. | 2 | 6 | LOCAL |
| CVE‑2017‑5991 | 2017‑02‑15 06:59:01 | HIGH (8) | An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected. | 4 | 4 | NETWORK |
| CVE‑2017‑17866 | 2017‑12‑27 17:08:21 | MEDIUM (7) | pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document. | 0 | 0 | NETWORK |
| CVE‑2017‑17858 | 2018‑01‑22 15:29:00 | MEDIUM (7) | Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted. | 0 | 0 | NETWORK |
| CVE‑2017‑15587 | 2017‑10‑18 08:29:00 | MEDIUM (7) | An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11. | 0 | 0 | NETWORK |
| CVE‑2017‑15369 | 2017‑10‑16 01:29:01 | MEDIUM (7) | The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document. | 0 | 0 | NETWORK |
| CVE‑2017‑14687 | 2017‑09‑22 06:29:00 | MEDIUM (7) | Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. This occurs because of mishandling of XML tag name comparisons. | 0 | 0 | NETWORK |
| CVE‑2017‑14686 | 2017‑09‑22 06:29:00 | MEDIUM (7) | Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because read_zip_dir_imp in fitz/unzip.c does not check whether size fields in a ZIP entry are negative numbers. | 0 | 0 | NETWORK |
| CVE‑2017‑14685 | 2017‑09‑22 06:29:00 | MEDIUM (7) | Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because xps_load_links_in_glyphs in xps/xps-link.c does not verify that an xps font could be loaded. | 0 | 0 | NETWORK |
| CVE‑2016‑8729 | 2018‑04‑24 19:29:00 | HIGH (8) | An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to trigger this vulnerability. | 2 | 6 | LOCAL |
| CVE‑2016‑10247 | 2017‑03‑16 14:59:00 | MEDIUM (6) | Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file. | 2 | 4 | LOCAL |
| CVE‑2016‑10246 | 2017‑03‑16 14:59:00 | MEDIUM (6) | Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file. | 2 | 4 | LOCAL |
| CVE‑2016‑10221 | 2017‑04‑03 05:59:00 | MEDIUM (4) | The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted PDF document. | 3 | 1 | NETWORK |
What applications does Lavawall® monitor?
Lavawall monitors patches for over 7,500 applications. This is a summary of the most popular applications.Click here for the full list.
Click the applications below for the current version and known vulnerabilities.
Logos are property of their respective trademark holders and are not affiliated with ThreeShield or Lavawall. We have not audited the security of most of the listed tools.
The above listing includes products that Lavawall® monitors through public information and/or proprietary statistical analysis.
Although we do have a partner relationship with some of the listed products and companies, they do not necessarily endorse Lavawall® or have integrations with our systems.