Information on source package mupdf

Available versions

ReleaseVersion
jessie1.5-1+deb8u6
stretch1.14.0+ds1-4+deb9u1
buster1.14.0+ds1-4+deb10u3
buster (lts)1.14.0+ds1-4+deb10u2
bullseye1.17.0+ds1-2
bullseye (security)1.17.0+ds1-1.3~deb11u1
bookworm1.21.1+ds2-1
trixie1.24.10+ds1-1
sid1.24.10+ds1-1

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2023-31794vulnerablevulnerablevulnerablevulnerablevulnerablefixedfixedMuPDF v1.21.1 was discovered to contain an infinite recursion in the c ...
CVE-2021-37220vulnerablefixedvulnerable (no DSA)fixedfixedfixedfixedMuPDF through 1.18.1 has an out-of-bounds write because the cached col ...
CVE-2021-3407vulnerablefixedfixedfixedfixedfixedfixedA flaw was found in mupdf 1.18.0. Double free of object during lineari ...
CVE-2020-26519vulnerablefixedfixedfixedfixedfixedfixedArtifex MuPDF before 1.18.0 has a heap based buffer over-write when pa ...
CVE-2020-21896vulnerablevulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA Use After Free vulnerability in svg_dev_text_span_as_paths_defs func ...
CVE-2020-19609vulnerablefixedvulnerable (no DSA)fixedfixedfixedfixedArtifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff ...
CVE-2020-16600vulnerablefixedfixedfixedfixedfixedfixedA Use After Free vulnerability exists in Artifex Software, Inc. MuPDF ...
CVE-2018-16648vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedfixedIn Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c ...
CVE-2018-16647vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedfixedIn Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xr ...
CVE-2018-6187vulnerable (no DSA)fixedfixedfixedfixedfixedfixedIn Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnera ...
CVE-2017-17866vulnerable (no DSA)fixedfixedfixedfixedfixedfixedpdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain leng ...
CVE-2017-14687vulnerable (no DSA)fixedfixedfixedfixedfixedfixedArtifex MuPDF 1.11 allows attackers to cause a denial of service or po ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2023-51107vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableA floating point exception (divide-by-zero) vulnerability was discover ...
CVE-2023-51106vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableA floating point exception (divide-by-zero) vulnerability was discover ...
CVE-2023-51105vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableA floating point exception (divide-by-zero) vulnerability was discover ...
CVE-2023-51104vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableA floating point exception (divide-by-zero) vulnerability was discover ...
CVE-2023-51103vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableA floating point exception (divide-by-zero) vulnerability was discover ...
CVE-2021-4216vulnerablevulnerablevulnerablevulnerablefixedfixedfixedA Floating point exception (division-by-zero) flaw was found in Mupdf ...
CVE-2020-26683vulnerablevulnerablevulnerablevulnerablefixedfixedfixedA memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Softw ...
CVE-2018-1000036vulnerablefixedfixedfixedfixedfixedfixedIn Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF ...
CVE-2018-19882vulnerablefixedfixedfixedfixedfixedfixedIn Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c a ...
CVE-2018-19881vulnerablefixedfixedfixedfixedfixedfixedIn Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to caus ...
CVE-2018-19777vulnerablevulnerablevulnerablefixedfixedfixedfixedIn Artifex MuPDF 1.14.0, there is an infinite loop in the function svg ...
CVE-2017-6060vulnerablefixedfixedfixedfixedfixedfixedStack-based buffer overflow in jstest_main.c in mujstest in Artifex So ...
CVE-2016-10247vulnerablefixedfixedfixedfixedfixedfixedBuffer overflow in the my_getline function in jstest_main.c in Mujstes ...
CVE-2016-10246vulnerablefixedfixedfixedfixedfixedfixedBuffer overflow in the main function in jstest_main.c in Mujstest in A ...

Resolved issues

BugDescription
CVE-2019-14975Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_ch ...
CVE-2019-13290Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_dis ...
CVE-2019-7321Usage of an uninitialized variable in the function fz_load_jpeg in Art ...
CVE-2019-6131svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack co ...
CVE-2019-6130Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fi ...
CVE-2018-1000051Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability i ...
CVE-2018-1000040In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized val ...
CVE-2018-1000039In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs ...
CVE-2018-1000038In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in functi ...
CVE-2018-1000037In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in ...
CVE-2018-18662There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Ar ...
CVE-2018-10289In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space functi ...
CVE-2018-6544pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could refer ...
CVE-2018-6192In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xre ...
CVE-2018-5686In MuPDF 1.12.0, there is an infinite loop vulnerability and applicati ...
CVE-2017-17858Heap-based buffer overflow in the ensure_solid_xref function in pdf/pd ...
CVE-2017-15587An integer overflow was discovered in pdf_read_new_xref_section in pdf ...
CVE-2017-15369The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF b ...
CVE-2017-14686Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause ...
CVE-2017-14685Artifex MuPDF 1.11 allows attackers to cause a denial of service or po ...
CVE-2017-7264Use-after-free vulnerability in the fz_subsample_pixmap function in fi ...
CVE-2017-5991An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9 ...
CVE-2017-5896Heap-based buffer overflow in the fz_subsample_pixmap function in fitz ...
CVE-2016-10221The count_entries function in pdf-layer.c in Artifex Software, Inc. Mu ...
CVE-2016-8728An exploitable heap out of bounds write vulnerability exists in the Fi ...
CVE-2016-8674The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows re ...
CVE-2016-6525Heap-based buffer overflow in the pdf_load_mesh_params function in pdf ...
CVE-2016-6265Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf- ...
CVE-2014-2013Stack-based buffer overflow in the xps_parse_color function in xps/xps ...
CVE-2012-5340SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer ...

Security announcements

DSA / DLADescription
DLA-2765-1mupdf - security update
DLA-2589-2mupdf - regression update
DLA-2589-1mupdf - security update
DSA-4794-1mupdf - security update
DSA-4753-1mupdf - security update
DLA-2289-1mupdf - security update
DLA-1838-1mupdf - security update
DSA-4334-1mupdf - security update
DSA-4152-1mupdf - security update
DSA-4006-2mupdf - security update
DLA-1164-1mupdf - security update
DSA-4006-1mupdf - security update
DSA-3797-1mupdf - security update
DSA-3655-1mupdf - security update
DLA-589-1mupdf - security update
DSA-2951-1mupdf - security update
Search for package or bug name: Reporting problems