CNNVD-202602-1636 Information
CNNVD ID
CNNVD-202602-1636
Related CVE
- CNNVD Published: 2026-02-10
Description (Chinese)
artifex mupdf是个人开发者的一款富文本编辑器。富文本编辑器不同于文本编辑器,程序员可到网上下载免费的富文本编辑器内嵌于自己的网站或程序里(当然付费的功能会更强大些),方便用户编辑文章或信息。 artifex mupdf 1.26.1及之前版本存在代码问题漏洞,该漏洞源于函数get_system_dpi存在不受控的搜索路径。
Description (English)
Artifex mupdf is a rich text editor for personal developers. A rich text editor is different from a text editor, and a programmer can go to a free-of-charge text editor on the Internet and be embedded in his or her website or programme (of course, the pay-for-the-money feature will be stronger) to facilitate the user ’ s editing of articles or information. Artifex mupdf 1.26.1 and previous versions have a code problem loophole, which stems from the uncontrolled search path of the function Get system dpi.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
个人开发者
Published
2026-02-10
Last Modified
2026-02-24
References
https://vuldb.com/?id.344924 https://casper.mupdf.com/downloads/archive/mupdf-1.26.2-windows.zip https://vuldb.com/?submit.750978 https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=ebb125334eb007d64e579204af3c264aadf2e244 https://artifex.com/ https://vuldb.com/?ctiid.344924 https://access.redhat.com/security/cve/cve-2025-15569