Your submission was sent successfully! Close

CVE-2020-19609

Published: 21 July 2021

Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.

Priority

Medium

CVSS 3 base score: 5.5

Status

Package Release Status
mupdf
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

hirsute Ignored
(reached end-of-life)
impish Needs triage

jammy Needs triage

trusty Does not exist

upstream
Released (1.17.0+ds1-2)
xenial Ignored
(out of standard support)