CVE-2018-19777

MEDIUM

Artifex MuPDF <1.14.0 - Buffer Overflow

Title source: llm

In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.

Core 3

Core References

Exploit, Third Party Advisory

Various Sources

Mailing List, Third Party Advisory vendor-advisory

CVSS v3 5.5

EPSS 0.0027

EPSS Percentile 50.1%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE

CWE-835

Status published

Products (3)

artifex/mupdf 1.14.0

debian/debian_linux 8.0

debian/debian_linux 9.0

Published Nov 30, 2018

Tracked Since Feb 18, 2026