Vulnerabilities > Artifex > Mupdf > 1.12

DATE CVE VULNERABILITY TITLE RISK
2018-05-24 CVE-2018-1000036 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.
local
low complexity
artifex debian CWE-772
5.5
2017-12-27 CVE-2017-17866 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document.
local
low complexity
artifex debian CWE-119
7.8