CVE Tools

artifex

OSS LibrariesUScommercial

171

Cumulative CVEs

36

Monthly snapshots

#17

Peak rank

Top products

ghostscript3 ghostxps1 mupdf1

Latest CVEs

The 15 most recently published vulnerabilities affecting artifex.

CVE-2026-7233Artifex MuPDF CFF Index subset-cff.c fz_subset_cff_for_gids out-of-bounds3.3Apr 28, 2026
CVE-2026-40505MuPDF < 1.27 mutool ANSI Injection via Metadata3.3Apr 16, 2026
CVE-2025-15569Artifex MuPDF win_main.c get_system_dpi uncontrolled search path7.0Feb 10, 2026
CVE-2026-25556MuPDF 1.23.0 through 1.27.0 Barcode Decoding Double Free7.5Feb 6, 2026
CVE-2025-55780A null pointer dereference occurs in the function break_word_for_overflow_wrap() in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fz_html_split_flow() to s...7.5Sep 23, 2025
CVE-2025-59801In Artifex GhostXPS before 10.06.0, there is a stack-based buffer overflow in xps_unpredict_tiff in xpstiff.c because the samplesperpixel value is not checked.4.3Sep 22, 2025
CVE-2025-59800In Artifex Ghostscript through 10.05.1, ocr_begin_page in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocr_line8.4.3Sep 22, 2025
CVE-2025-59799Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value.4.3Sep 22, 2025
CVE-2025-59798Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c.4.3Sep 22, 2025
CVE-2025-46206An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via an infinite recursion in the `mutool clean` utility. When processing a crafted PDF file containing...6.5Aug 4, 2025
CVE-2025-7462Artifex GhostPDL New Output File Open Error gdevpdf.c pdf_ferror null pointer dereference4.3Jul 12, 2025
CVE-2025-48708gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext.4.0May 23, 2025
CVE-2025-46646In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954.4.5Apr 26, 2025
CVE-2025-27837An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gp_mswin.c and base/winrtsup.cpp.9.8Mar 25, 2025
CVE-2025-27836An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c.9.8Mar 25, 2025