Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26519
Reference (s):
- DEBIAN:DSA-4794
- URL: https://www.debian.org/security/2020/dsa-4794
- FEDORA:FEDORA-2020-3cea1ac8f3
- URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJMBKWVY7ZBIQV3EU5YHEFH5XWV4PABG/
- FEDORA:FEDORA-2020-972ad7c8a8