ALT-PU-2024-17458-2
Closed vulnerabilities
Published: 2021-02-24
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-3407
A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- http://git.ghostscript.com/?p=mupdf.git%3Bh=cee7cefc610d42fd383b3c80c12cbc675443176a
- http://git.ghostscript.com/?p=mupdf.git%3Bh=cee7cefc610d42fd383b3c80c12cbc675443176a
- https://bugs.ghostscript.com/show_bug.cgi?id=703366
- https://bugs.ghostscript.com/show_bug.cgi?id=703366
- [debian-lts-announce] 20210311 [SECURITY] [DLA 2589-1] mupdf security update
- [debian-lts-announce] 20210311 [SECURITY] [DLA 2589-1] mupdf security update
- FEDORA-2021-d8e6f014e5
- FEDORA-2021-d8e6f014e5
- FEDORA-2021-572bb0f886
- FEDORA-2021-572bb0f886
- FEDORA-2021-baeaa7bccb
- FEDORA-2021-baeaa7bccb
- GLSA-202105-30
- GLSA-202105-30
Published: 2021-07-22
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-37220
MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- http://git.ghostscript.com/?p=mupdf.git%3Bh=f5712c9949d026e4b891b25837edd2edc166151f
- http://git.ghostscript.com/?p=mupdf.git%3Bh=f5712c9949d026e4b891b25837edd2edc166151f
- https://bugs.ghostscript.com/show_bug.cgi?id=703791
- https://bugs.ghostscript.com/show_bug.cgi?id=703791
- FEDORA-2021-e1d8a99caa
- FEDORA-2021-e1d8a99caa
Published: 2022-08-26
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-4216
A Floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream.
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References: