In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file.
https://www.debian.org/security/2018/dsa-4334
https://security.gentoo.org/glsa/201811-15
https://bugs.ghostscript.com/show_bug.cgi?id=698890
https://bugs.ghostscript.com/show_bug.cgi?id=698888
https://bugs.ghostscript.com/show_bug.cgi?id=698886
https://bugs.ghostscript.com/show_bug.cgi?id=698882
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5564
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5511
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5503
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5501