CVE-2023-31794

Summary

CVE-2023-31794 is a newly disclosed vulnerability affecting MuPDF version 1.21.1. This issue involves an infinite recursion in the pdf_mark_list_push component, which can be exploited by attackers to trigger a Denial of Service (DoS) attack. By crafting a malicious PDF file, cybercriminals can cause MuPDF to consume excessive resources, leading to a crash or system overload. This vulnerability poses a significant risk to organizations and individuals using MuPDF for PDF document processing. It is highly recommended that users update to the latest version of MuPDF to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.