Use After Free Vulnerability in MuPDF 1.16.0 Allows Denial of Service via Crafted PDF File

Use After Free Vulnerability in MuPDF 1.16.0 Allows Denial of Service via Crafted PDF File

CVE-2020-21896 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file.

Learn more about our Web Application Penetration Testing UK.