Vulnerabilities > Artifex > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-16 | CVE-2022-2085 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. | 5.5 |
| 2022-05-18 | CVE-2022-30974 | Uncontrolled Recursion vulnerability in multiple products compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413. | 5.5 |
| 2022-05-18 | CVE-2022-30975 | NULL Pointer Dereference vulnerability in multiple products In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp. | 5.5 |
| 2022-01-01 | CVE-2021-45944 | Use After Free vulnerability in multiple products Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp). | 5.5 |
| 2022-01-01 | CVE-2021-45949 | Out-of-bounds Write vulnerability in multiple products Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). | 5.5 |
| 2021-07-21 | CVE-2021-37220 | Out-of-bounds Write vulnerability in multiple products MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. | 5.5 |
| 2021-07-21 | CVE-2020-19609 | Out-of-bounds Write vulnerability in multiple products Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service. | 5.5 |
| 2021-02-23 | CVE-2021-3407 | A flaw was found in mupdf 1.18.0. | 5.5 |
| 2020-10-02 | CVE-2020-26519 | Out-of-bounds Write vulnerability in multiple products Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service. | 5.5 |
| 2020-09-03 | CVE-2020-14373 | Use After Free vulnerability in multiple products A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. | 5.5 |