djvulibre

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Library and utilities to create, manipulate and view DjVu (déjà vu) documents
Version 3.5.28-6 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1899 3.5.28-2 3.5.28-3 Medium Fixed FS#70787
Issue Group Severity Remote Type Description
CVE-2021-32493 AVG-1899 Medium No Arbitrary code execution
A security issue was found in djvulibre. A heap buffer overflow in the function DJVU::GBitmap::decode() may lead to an application crash and other...
CVE-2021-32492 AVG-1899 Medium No Arbitrary code execution
A security issue was found in djvulibre. An out of bounds read in the function DJVU::DataPool::has_data() may lead to an application crash and other...
CVE-2021-32491 AVG-1899 Medium No Arbitrary code execution
A security issue was found in djvulibre. An integer overflow in the function render() in tools/ddjvu may lead to an application crash and other consequences...
CVE-2021-32490 AVG-1899 Medium No Arbitrary code execution
A security issue was found in djvulibre. An out of bounds write in the function DJVU::filter_bv() may lead to an application crash and other consequences...
CVE-2021-3500 AVG-1899 Medium No Arbitrary code execution
A security issue was found in djvulibre. A stack overflow in the function DJVU::DjVuDocument::get_djvu_file() may lead to an application crash and other...

Advisories

Date Advisory Group Severity Type
25 May 2021 ASA-202105-18 AVG-1899 Medium arbitrary code execution