MuPDF is vulnerable to denial of service (DoS) attacks and possibly other attacks. This vulnerability is possible because the xps_load_links_in_glyphs
function doesn’t verify if a font can be loaded before trying to load it. This can be triggered using a .xps
file.