Skip to content

Instantly share code, notes, and snippets.

@spookhorror
Created October 29, 2023 14:03
Show Gist options
  • Save spookhorror/c770d118767b1b0d89fdfe2845169d06 to your computer and use it in GitHub Desktop.
Save spookhorror/c770d118767b1b0d89fdfe2845169d06 to your computer and use it in GitHub Desktop.
Hello everyone,
I have discovered a Denial of Service (DoS) issue in MuPDF v1.21.1. Additionally, CVE-2023-31794 has been assigned to this issue.
Impact:
DoS
Description:
MuPDF v1.21.1 has been found to contain a vulnerability that allows for infinite recursion in the component pdf_mark_list_push. This vulnerability enables attackers to trigger a Denial of Service (DoS) by using a crafted PDF file.
Reference:
https://bugs.ghostscript.com/show_bug.cgi?id=706506
https://git.ghostscript.com/?p=mupdf.git;h=c0015401693b58e2deb5d75c39f27bc1216e47c6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment