CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-37220

MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.6%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

Products affected by CVE-2021-37220

Artifex » Mupdf » Version: 0.6

cpe:2.3:a:artifex:mupdf:0.6
Artifex » Mupdf » Version: 0.7

cpe:2.3:a:artifex:mupdf:0.7
Artifex » Mupdf » Version: 0.8

cpe:2.3:a:artifex:mupdf:0.8
Artifex » Mupdf » Version: 0.8.15

cpe:2.3:a:artifex:mupdf:0.8.15
Artifex » Mupdf » Version: 0.8.165

cpe:2.3:a:artifex:mupdf:0.8.165
Artifex » Mupdf » Version: 0.9

cpe:2.3:a:artifex:mupdf:0.9
Artifex » Mupdf » Version: 0.9.1

cpe:2.3:a:artifex:mupdf:0.9.1
Artifex » Mupdf » Version: 1.0

cpe:2.3:a:artifex:mupdf:1.0
Artifex » Mupdf » Version: 1.1

cpe:2.3:a:artifex:mupdf:1.1
Artifex » Mupdf » Version: 1.10

cpe:2.3:a:artifex:mupdf:1.10
Artifex » Mupdf » Version: 1.10a

cpe:2.3:a:artifex:mupdf:1.10a
Artifex » Mupdf » Version: 1.11

cpe:2.3:a:artifex:mupdf:1.11
Artifex » Mupdf » Version: 1.12

cpe:2.3:a:artifex:mupdf:1.12
Artifex » Mupdf » Version: 1.12.0

cpe:2.3:a:artifex:mupdf:1.12.0
Artifex » Mupdf » Version: 1.13

cpe:2.3:a:artifex:mupdf:1.13
Artifex » Mupdf » Version: 1.13.0

cpe:2.3:a:artifex:mupdf:1.13.0
Artifex » Mupdf » Version: 1.14.0

cpe:2.3:a:artifex:mupdf:1.14.0
Artifex » Mupdf » Version: 1.15.0

cpe:2.3:a:artifex:mupdf:1.15.0
Artifex » Mupdf » Version: 1.15.1

cpe:2.3:a:artifex:mupdf:1.15.1
Artifex » Mupdf » Version: 1.15.2

cpe:2.3:a:artifex:mupdf:1.15.2
Artifex » Mupdf » Version: 1.16.0

cpe:2.3:a:artifex:mupdf:1.16.0
Artifex » Mupdf » Version: 1.16.1

cpe:2.3:a:artifex:mupdf:1.16.1
Artifex » Mupdf » Version: 1.17.0

cpe:2.3:a:artifex:mupdf:1.17.0
Artifex » Mupdf » Version: 1.18.0

cpe:2.3:a:artifex:mupdf:1.18.0
Artifex » Mupdf » Version: 1.18.1

cpe:2.3:a:artifex:mupdf:1.18.1
Artifex » Mupdf » Version: 1.2

cpe:2.3:a:artifex:mupdf:1.2
Artifex » Mupdf » Version: 1.3

cpe:2.3:a:artifex:mupdf:1.3
Artifex » Mupdf » Version: 1.4

cpe:2.3:a:artifex:mupdf:1.4
Artifex » Mupdf » Version: 1.5

cpe:2.3:a:artifex:mupdf:1.5
Artifex » Mupdf » Version: 1.6

cpe:2.3:a:artifex:mupdf:1.6
Artifex » Mupdf » Version: 1.7

cpe:2.3:a:artifex:mupdf:1.7
Artifex » Mupdf » Version: 1.7.1

cpe:2.3:a:artifex:mupdf:1.7.1
Artifex » Mupdf » Version: 1.7a

cpe:2.3:a:artifex:mupdf:1.7a
Artifex » Mupdf » Version: 1.8

cpe:2.3:a:artifex:mupdf:1.8
Artifex » Mupdf » Version: 1.8.1

cpe:2.3:a:artifex:mupdf:1.8.1
Artifex » Mupdf » Version: 1.9

cpe:2.3:a:artifex:mupdf:1.9
Artifex » Mupdf » Version: 1.9a

cpe:2.3:a:artifex:mupdf:1.9a
Fedoraproject » Fedora » Version: 34

cpe:2.3:o:fedoraproject:fedora:34

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-37220

Products

Pricing

Contact Us