CVE-2018-19881

In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.
Configurations

Configuration 1 (hide)

cpe:2.3:a:artifex:mupdf:1.14.0:*:*:*:*:*:*:*

History

16 Sep 2024, 16:15

Type Values Removed Values Added
References
  • {'url': 'https://bugs.ghostscript.com/show_bug.cgi?id=700342', 'tags': ['Issue Tracking', 'Third Party Advisory'], 'source': 'cve@mitre.org'}
  • {'url': 'https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=a7f7d91cdff8d303c11d458fa8b802776f73c8cc', 'source': 'cve@mitre.org'}
  • () https://bugs.ghostscript.com/show_bug.cgi?id=700442 -
  • () https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=c8f7e48ff74720a5e984ae19d978a5ab4d5dde5b -

12 Sep 2024, 17:15

Type Values Removed Values Added
References
  • () https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=a7f7d91cdff8d303c11d458fa8b802776f73c8cc -

07 Nov 2023, 02:55

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/', 'name': 'FEDORA-2019-15af6a9a07', 'tags': [], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/', 'name': 'FEDORA-2019-befe3bd225', 'tags': [], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEK2EHVNREJ7XZMFF2MXRWKIF4IBHPNE/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNJNEX5EW6YH5OARXXSSXW4HHC5PIBSY/ -

Information

Published : 2018-12-06 00:29

Updated : 2024-09-16 16:15


NVD link : CVE-2018-19881

Mitre link : CVE-2018-19881

CVE.ORG link : CVE-2018-19881


JSON object : View

Products Affected

artifex

  • mupdf
CWE
CWE-400

Uncontrolled Resource Consumption