CVE-2023-51106

DEB

High

A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function pnm_binary_read_image() of load-pnm.c …

CVSS

7.5

High

EPSS

0.01

p48

Published

2023-01-01

Updated

2023-01-01

Description

A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function pnm_binary_read_image() of load-pnm.c when fz_colorspace_n returns zero.

Tags · CWE

Pre-auth

CWE-369

Affected products

Mupdf

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Timeline

2023-01-01

Published

2023-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: N

None (N)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: N

None (N)

Integrity Impact

I: N

None (N)

Availability Impact

A: H

High (H)

Exploit indicators

EPSS

0.007 · p48

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected products

Product	Vendor	Status
mupdf		Tracked
mupdf		Tracked
mupdf		Tracked
mupdf		Tracked
mupdf		Tracked
mupdf		Tracked
mupdf		Tracked
mupdf		Tracked
mupdf		Tracked
mupdf		Tracked
mupdf		Tracked
mupdf		Tracked
mupdf	*	Tracked

Source databases

DEB

CVE

UBU