In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.
References
Configurations
History
07 Nov 2023, 02:55
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2018-12-06 00:29
Updated : 2023-12-10 12:44
NVD link : CVE-2018-19881
Mitre link : CVE-2018-19881
CVE.ORG link : CVE-2018-19881
JSON object : View
Products Affected
artifex
- mupdf
CWE
CWE-400
Uncontrolled Resource Consumption