AVG-1899 log

Package djvulibre
Status Fixed
Severity Medium
Type arbitrary code execution
Affected 3.5.28-2
Fixed 3.5.28-3
Current 3.5.28-6 [extra]
Ticket FS#70787
Created Fri Apr 30 14:14:02 2021
Issue Severity Remote Type Description
CVE-2021-32493 Medium No Arbitrary code execution
A security issue was found in djvulibre. A heap buffer overflow in the function DJVU::GBitmap::decode() may lead to an application crash and other...
CVE-2021-32492 Medium No Arbitrary code execution
A security issue was found in djvulibre. An out of bounds read in the function DJVU::DataPool::has_data() may lead to an application crash and other...
CVE-2021-32491 Medium No Arbitrary code execution
A security issue was found in djvulibre. An integer overflow in the function render() in tools/ddjvu may lead to an application crash and other consequences...
CVE-2021-32490 Medium No Arbitrary code execution
A security issue was found in djvulibre. An out of bounds write in the function DJVU::filter_bv() may lead to an application crash and other consequences...
CVE-2021-3500 Medium No Arbitrary code execution
A security issue was found in djvulibre. A stack overflow in the function DJVU::DjVuDocument::get_djvu_file() may lead to an application crash and other...
Date Advisory Package Type
25 May 2021 ASA-202105-18 djvulibre arbitrary code execution