Vulnerabilities > Artifex > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-05-18 CVE-2022-30975 NULL Pointer Dereference vulnerability in multiple products
In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp.
local
low complexity
artifex debian fedoraproject CWE-476
5.5
5.5
2022-04-14 CVE-2022-1350 Out-of-bounds Write vulnerability in Artifex Ghostpcl 9.55.0
A vulnerability classified as problematic was found in GhostPCL 9.55.0.
network
artifex CWE-787
6.8
6.8
2022-01-01 CVE-2021-45944 Use After Free vulnerability in multiple products
Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).
local
low complexity
artifex debian CWE-416
5.5
5.5
2022-01-01 CVE-2021-45949 Out-of-bounds Write vulnerability in multiple products
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).
local
low complexity
artifex debian CWE-787
5.5
5.5
2021-07-21 CVE-2021-37220 Out-of-bounds Write vulnerability in multiple products
MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table.
local
low complexity
artifex fedoraproject CWE-787
5.5
5.5
2021-07-21 CVE-2020-19609 Out-of-bounds Write vulnerability in multiple products
Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.
local
low complexity
artifex debian CWE-787
5.5
5.5
2021-07-13 CVE-2020-22885 Classic Buffer Overflow vulnerability in Artifex Mujs
Buffer overflow vulnerability in mujs before 1.0.8 due to recursion in the GC scanning phase, allows remote attackers to cause a denial of service.
network
low complexity
artifex CWE-120
5.0
5.0
2021-07-13 CVE-2020-22886 Classic Buffer Overflow vulnerability in Artifex Mujs
Buffer overflow vulnerability in function jsG_markobject in jsgc.c in mujs before 1.0.8, allows remote attackers to cause a denial of service.
network
low complexity
artifex CWE-120
5.0
5.0
2021-02-23 CVE-2021-3407 Double Free vulnerability in multiple products
A flaw was found in mupdf 1.18.0.
local
low complexity
artifex fedoraproject debian CWE-415
5.5
5.5
2020-10-02 CVE-2020-26519 Out-of-bounds Write vulnerability in multiple products
Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.
local
low complexity
artifex debian fedoraproject CWE-787
5.5
5.5