pdfloadobj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document.
{ "ubuntu_priority": "medium" }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "mupdf-tools": "1.12.0+ds1-1", "libmupdf-dev": "1.12.0+ds1-1", "mupdf": "1.12.0+ds1-1" } ] }