CVE-2023-51106
https://notcve.org/view.php?id=CVE-2023-51106
A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function pnm_binary_read_image() of load-pnm.c when fz_colorspace_n returns zero. Se descubrió una vulnerabilidad de excepción de punto flotante (división por cero) en mupdf 1.23.4 en la función pnm_binary_read_image() de load-pnm.c. • https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md • CWE-369: Divide By Zero •
CVE-2023-51107
https://notcve.org/view.php?id=CVE-2023-51107
A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in functon compute_color() of jquant2.c. NOTE: this is disputed by the supplier because there was not reasonable evidence to determine the existence of a vulnerability or identify the affected product. Se descubrió una vulnerabilidad de excepción de punto flotante (división por cero) en mupdf 1.23.4 en la función compute_color() de jquant2.c. • https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md • CWE-369: Divide By Zero •
CVE-2023-31794
https://notcve.org/view.php?id=CVE-2023-31794
MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. Se descubrió que MuPDF v1.21.1 contiene una recursividad infinita en el componente pdf_mark_list_push. Esta vulnerabilidad permite a los atacantes provocar una denegación de servicio (DoS) a través de un archivo PDF manipulado. • https://bugs.ghostscript.com/show_bug.cgi?id=706506 https://gist.github.com/spookhorror/c770d118767b1b0d89fdfe2845169d06 https://git.ghostscript.com/?p=mupdf.git%3Bh=c0015401693b58e2deb5d75c39f27bc1216e47c6 • CWE-674: Uncontrolled Recursion •
CVE-2020-21896
https://notcve.org/view.php?id=CVE-2020-21896
A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file. • https://bugs.ghostscript.com/show_bug.cgi?id=701294 http://www.ghostscript.com/cgi-bin/findgit.cgi?8719e07834d6a72b6b4131539e49ed1e8e2ff79e • CWE-416: Use After Free •
CVE-2020-26683
https://notcve.org/view.php?id=CVE-2020-26683
A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information. Un problema de pérdida de memoria descubierto en /pdf/pdf-font-add.c en MuPDF 1.17.0 de Artifex Software permite a los atacantes obtener información confidencial. • https://bugs.ghostscript.com/show_bug.cgi?id=702566 https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=05720b4ee3dbae57e65546dc2eecc3021c08eeea • CWE-401: Missing Release of Memory after Effective Lifetime •