Xuwei Liu

**Name of the Vulnerable Software and Affected Versions** MuPDF versions prior to 1.18.2 **Description** The issue arises from an out-of-bounds write in the cached color converter, which fails to properly consider the maximum key size of a hash table. This can be observed with crafted "mutool draw" input. **Recommendations** For MuPDF versions prior to 1.18.2, update to version 1.18.2 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: macOS Big Sur versions prior to 11.3 macOS Catalina versions prior to Security Update 2021-002 macOS Mojave versions prior to Security Update 2021-003 Description: A memory corruption issue was addressed with improved validation. This issue may lead to unexpected application termination or arbitrary code execution when opening a maliciously crafted file. Recommendations: For macOS Big Sur versions prior to 11.3, update to macOS Big Sur 11.3. For macOS Catalina versions prior to Security Update 2021-002, apply Security Update 2021-002. For macOS Mojave versions prior to Security Update 2021-003, apply Security Update 2021-003.