OpenCVE

MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Artifex	Mupdf
Fedoraproject	Fedora

Configuration 1 [-]

cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://git.ghostscript.com/?p=mupdf.git%3Bh=f5712c9949d026e4b891b25837edd2edc166151f
https://bugs.ghostscript.com/show_bug.cgi?id=703791
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKRMREIYUBGG2GV73CU7BJNW2Q34IP23/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-07-21T21:02:04

Updated: 2024-08-04T01:16:03.758Z

Reserved: 2021-07-21T00:00:00

Link: CVE-2021-37220

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-07-21T22:15:08.170

Modified: 2024-11-21T06:14:53.407

Link: CVE-2021-37220

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted \"mutool draw\" input."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-11-04T03:06:34", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=703791"}, {"tags": ["x_refsource_MISC"], "url": "http://git.ghostscript.com/?p=mupdf.git%3Bh=f5712c9949d026e4b891b25837edd2edc166151f"}, {"name": "FEDORA-2021-e1d8a99caa", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKRMREIYUBGG2GV73CU7BJNW2Q34IP23/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-37220", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted \"mutool draw\" input."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugs.ghostscript.com/show_bug.cgi?id=703791", "refsource": "MISC", "url": "https://bugs.ghostscript.com/show_bug.cgi?id=703791"}, {"name": "http://git.ghostscript.com/?p=mupdf.git;h=f5712c9949d026e4b891b25837edd2edc166151f", "refsource": "MISC", "url": "http://git.ghostscript.com/?p=mupdf.git;h=f5712c9949d026e4b891b25837edd2edc166151f"}, {"name": "FEDORA-2021-e1d8a99caa", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TKRMREIYUBGG2GV73CU7BJNW2Q34IP23/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T01:16:03.758Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=703791"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://git.ghostscript.com/?p=mupdf.git%3Bh=f5712c9949d026e4b891b25837edd2edc166151f"}, {"name": "FEDORA-2021-e1d8a99caa", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKRMREIYUBGG2GV73CU7BJNW2Q34IP23/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-37220", "datePublished": "2021-07-21T21:02:04", "dateReserved": "2021-07-21T00:00:00", "dateUpdated": "2024-08-04T01:16:03.758Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:artifex:mupdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "E019F36C-710D-41EE-9CF5-C434226D2F51", "versionEndIncluding": "1.18.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted \"mutool draw\" input."}, {"lang": "es", "value": "MuPDF versiones hasta 1.18.1 presenta una escritura fuera de l\u00edmites porque el convertidor de color en cach\u00e9 no considera apropiadamente el tama\u00f1o m\u00e1ximo de la clave de una tabla hash. Esto puede verse, por ejemplo, con la entrada \"mutool draw\" dise\u00f1ada"}], "id": "CVE-2021-37220", "lastModified": "2024-11-21T06:14:53.407", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-07-21T22:15:08.170", "references": [{"source": "cve@mitre.org", "url": "http://git.ghostscript.com/?p=mupdf.git%3Bh=f5712c9949d026e4b891b25837edd2edc166151f"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=703791"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKRMREIYUBGG2GV73CU7BJNW2Q34IP23/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.ghostscript.com/?p=mupdf.git%3Bh=f5712c9949d026e4b891b25837edd2edc166151f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=703791"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKRMREIYUBGG2GV73CU7BJNW2Q34IP23/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}