Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fzkeepkey_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.
{ "binaries": [ { "binary_name": "libmupdf-dev", "binary_version": "1.12.0+ds1-1" }, { "binary_name": "mupdf", "binary_version": "1.12.0+ds1-1" }, { "binary_name": "mupdf-tools", "binary_version": "1.12.0+ds1-1" } ], "availability": "No subscription required", "ubuntu_priority": "medium" }