3.3 LOW
- CVSS version: 3.1
- Attack vector (AV):
- Attack complexity (AC):
- Privileges required (PR):
- User interaction (UI):
- Scope (S):
- Confidentiality impact (C):
- Integrity impact (I):
- Availability impact (A):
Activity log
- Created suggestion
Artifex MuPDF CFF Index subset-cff.c fz_subset_cff_for_gids out-of-bounds
A vulnerability was identified in Artifex MuPDF up to 1.28.0. The affected element is the function fz_subset_cff_for_gids in the file subset-cff.c of the CFF Index Handler component. Manipulation causes an out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be used. The project was informed of the problem early through a bug report but has not responded yet.
References
- VDB-359840 | Artifex MuPDF CFF Index subset-cff.c fz_subset_cff_for_gids out-of-bounds (vdb-entry, technical-description)
- Submit #802590 | Artifex MuPDF 1.28 Out-of-Bounds Read (third-party-advisory)
- https://bugs.ghostscript.com/show_bug.cgi?id=709328 (issue-tracking)
- https://artifex.com/ (product)
Affected products
- ==1.0
- ==1.14
- ==1.10
- ==1.17
- ==1.7
- ==1.19
- ==1.2
- ==1.24
- ==1.15
- ==1.1
- ==1.12
- ==1.27
- ==1.22
- ==1.8
- ==1.16
- ==1.20
- ==1.23
- ==1.21
- ==1.13
- ==1.9
- ==1.3
- ==1.18
- ==1.25
- ==1.11
- ==1.6
- ==1.28.0
- ==1.5
- ==1.26
- ==1.4
Matching in nixpkgs
pkgs.mupdf
Lightweight PDF, XPS, and E-book viewer and toolkit written in portable C
pkgs.mupdf-headless
Lightweight PDF, XPS, and E-book viewer and toolkit written in portable C
pkgs.python312Packages.pymupdf
Python bindings for MuPDF's rendering library
pkgs.python313Packages.pymupdf
Python bindings for MuPDF's rendering library
pkgs.python314Packages.pymupdf
Python bindings for MuPDF's rendering library
pkgs.python312Packages.pymupdf4llm
PyMuPDF Utilities for LLM/RAG - converts PDF pages to Markdown format for Retrieval-Augmented Generation
- nixos-25.11 pymupdf4llm-0.0.27
- nixos-25.11-small pymupdf4llm-0.0.27
- nixpkgs-25.11-darwin pymupdf4llm-0.0.27
pkgs.python313Packages.pymupdf4llm
PyMuPDF Utilities for LLM/RAG - converts PDF pages to Markdown format for Retrieval-Augmented Generation
- nixos-unstable pymupdf4llm-0.3.4
- nixpkgs-unstable pymupdf4llm-0.3.4
- nixos-unstable-small pymupdf4llm-0.3.4
- nixos-25.11 pymupdf4llm-0.0.27
- nixos-25.11-small pymupdf4llm-0.0.27
- nixpkgs-25.11-darwin pymupdf4llm-0.0.27
pkgs.python314Packages.pymupdf4llm
PyMuPDF Utilities for LLM/RAG - converts PDF pages to Markdown format for Retrieval-Augmented Generation
- nixos-unstable pymupdf4llm-0.3.4
- nixpkgs-unstable pymupdf4llm-0.3.4
- nixos-unstable-small pymupdf4llm-0.3.4
pkgs.zathuraPkgs.zathura_pdf_mupdf
Zathura PDF plugin (mupdf)
- nixos-unstable 2026.02.03
- nixpkgs-unstable 2026.02.03
- nixos-unstable-small 2026.02.03
pkgs.python312Packages.pymupdf-fonts
Collection of optional fonts for PyMuPDF
pkgs.python313Packages.pymupdf-fonts
Collection of optional fonts for PyMuPDF
pkgs.python314Packages.pymupdf-fonts
Collection of optional fonts for PyMuPDF
Package maintainers
- @fpletz Franz Pletz <fpletz@fnordicwalking.de>
- @sarahec Sarah Clark <seclark@nextquestion.net>
- @ryota2357 Ryota Otsuki <contact@ryota2357.com>
- @MithicSpirit MithicSpirit <rpc01234@gmail.com>