CVE-2023-31794

5.5MEDIUM

Key Information

Vendor: Artifex
Status: MuPDF
Vendor: CVE Published:; 31 October 2023

Summary

MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published.
Oct 31, 2023
Vulnerability Reserved.
Apr 29, 2023

Collectors

NVD DatabaseMitre Database