
CVE-2021-3500

Published: 24/06/2021 Updated: 09/03/2022
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

A flaw was found in djvulibre-3.5.28 and previous versions. A stack overflow in the function DJVU::DjVuDocument::get_djvu_file() via a crafted DjVu file may lead to an application crash and other consequences.

Vulnerable Product

djvulibre project djvulibre

debian debian linux 10.0

debian debian linux 11.0

Vendor Advisories

Debian Bug report logs - #988215 CVE-2021-3500. Package: src:djvulibre; Maintainer for src:djvulibre is Barak A Pearlmutter <bap@debian.org>; Reported by: Moritz Muehlenhoff <jmm@debian.org>; Date: Fri, 7 May 2021 19:39:03 UTC; Severity: important; Tags: security, upstream ...

Several vulnerabilities were discovered in djvulibre, a library and set of tools to handle documents in the DjVu format. An attacker could crash document viewers and possibly execute arbitrary code through crafted DjVu files. For the oldstable distribution (buster), these problems have been fixed in version 35271-10+deb10u1. For the stable distr ...

A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filter_bv() via crafted djvu file may lead to application crash and other consequences (CVE-2021-32490). A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow in function render() in tools/ddjvu via crafted djvu file may lead to application cr ...

A security issue was found in latest djvulibre. A stack overflow in the function DJVU::DjVuDocument::get_djvu_file() via a crafted djvu file may lead to an application crash and other consequences ...