Vulnerabilities > Artifex > Mupdf > 1.14.0

DATE CVE VULNERABILITY TITLE RISK
2018-12-06 CVE-2018-19881 Resource Exhaustion vulnerability in Artifex Mupdf 1.14.0
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.
local
low complexity
artifex CWE-400
5.5
5.5
2018-11-30 CVE-2018-19777 Infinite Loop vulnerability in multiple products
In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.
local
low complexity
artifex debian CWE-835
5.5
5.5
2018-10-26 CVE-2018-18662 Out-of-bounds Read vulnerability in Artifex Mupdf 1.14.0
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
local
low complexity
artifex CWE-125
5.5
5.5