EPSS
Percentile
69.9%
mupdf is vulnerable to denial of service. The fz_append_byte function in fitz/buffer.c due to an array-index underflow allows remote attackers to cause a denial of service through a segmentation fault via a malicious pdf file.
fz_append_byte
fitz/buffer.c
bugs.ghostscript.com/show_bug.cgi?id=699685
lists.debian.org/debian-lts-announce/2020/07/msg00019.html
security-tracker.debian.org/tracker/CVE-2018-16648