7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
29.4%
Severity: Medium
Date : 2021-05-25
CVE-ID : CVE-2021-3500 CVE-2021-32490 CVE-2021-32491 CVE-2021-32492
CVE-2021-32493
Package : djvulibre
Type : arbitrary code execution
Remote : No
Link : https://security.archlinux.org/AVG-1899
The package djvulibre before version 3.5.28-3 is vulnerable to
arbitrary code execution.
Upgrade to 3.5.28-3.
The problems have been fixed upstream but no release is available yet.
None.
A security issue was found in djvulibre. A stack overflow in the
function DJVU::DjVuDocument::get_djvu_file() may lead to an application
crash and other consequences via a crafted djvu file.
A security issue was found in djvulibre. An out of bounds write in the
function DJVU::filter_bv() may lead to an application crash and other
consequences via a crafted djvu file.
A security issue was found in djvulibre. An integer overflow in the
function render() in tools/ddjvu may lead to an application crash and
other consequences via a crafted djvu file.
A security issue was found in djvulibre. An out of bounds read in the
function DJVU::DataPool::has_data() may lead to an application crash
and other consequences via a crafted djvu file.
A security issue was found in djvulibre. A heap buffer overflow in the
function DJVU::GBitmap::decode() may lead to an application crash and
other consequences via a crafted djvu file.
An attacker could cause a crash, or possible execute arbitrary code,
using a crafted djvu file.
https://bugs.archlinux.org/task/70787
https://bugzilla.redhat.com/show_bug.cgi?id=1943685
https://bugzilla.redhat.com/show_bug.cgi?id=1943411
https://src.fedoraproject.org/rpms/djvulibre/blob/rawhide/f/djvulibre-3.5.27-djvuport-stack-overflow.patch
https://bugzilla.redhat.com/show_bug.cgi?id=1943693
https://bugzilla.redhat.com/show_bug.cgi?id=1943408
https://bugzilla.redhat.com/attachment.cgi?id=1770184&action=diff
https://src.fedoraproject.org/rpms/djvulibre/blob/rawhide/f/djvulibre-3.5.27-check-image-size.patch
https://bugzilla.redhat.com/show_bug.cgi?id=1943684
https://bugzilla.redhat.com/show_bug.cgi?id=1943409
https://bugzilla.redhat.com/attachment.cgi?id=1770218&action=diff
https://src.fedoraproject.org/rpms/djvulibre/blob/4b8d9b4bcb10c24739ca2dcd68a7fba4abe90860/f/djvulibre-3.5.27-integer-overflow.patch
https://bugzilla.redhat.com/show_bug.cgi?id=1943686
https://bugzilla.redhat.com/show_bug.cgi?id=1943410
https://bugzilla.redhat.com/attachment.cgi?id=1770220&action=diff
https://src.fedoraproject.org/rpms/djvulibre/blob/rawhide/f/djvulibre-3.5.27-check-input-pool.patch
https://bugzilla.redhat.com/show_bug.cgi?id=1943690
https://bugzilla.redhat.com/show_bug.cgi?id=1943424
https://bugzilla.redhat.com/attachment.cgi?id=1774554&action=diff
https://src.fedoraproject.org/rpms/djvulibre/blob/rawhide/f/djvulibre-3.5.27-unsigned-short-overflow.patch
https://security.archlinux.org/CVE-2021-3500
https://security.archlinux.org/CVE-2021-32490
https://security.archlinux.org/CVE-2021-32491
https://security.archlinux.org/CVE-2021-32492
https://security.archlinux.org/CVE-2021-32493
bugs.archlinux.org/task/70787
bugzilla.redhat.com/attachment.cgi?id=1770184&action=diff
bugzilla.redhat.com/attachment.cgi?id=1770218&action=diff
bugzilla.redhat.com/attachment.cgi?id=1770220&action=diff
bugzilla.redhat.com/attachment.cgi?id=1774554&action=diff
bugzilla.redhat.com/show_bug.cgi?id=1943408
bugzilla.redhat.com/show_bug.cgi?id=1943409
bugzilla.redhat.com/show_bug.cgi?id=1943410
bugzilla.redhat.com/show_bug.cgi?id=1943411
bugzilla.redhat.com/show_bug.cgi?id=1943424
bugzilla.redhat.com/show_bug.cgi?id=1943684
bugzilla.redhat.com/show_bug.cgi?id=1943685
bugzilla.redhat.com/show_bug.cgi?id=1943686
bugzilla.redhat.com/show_bug.cgi?id=1943690
bugzilla.redhat.com/show_bug.cgi?id=1943693
security.archlinux.org/AVG-1899
security.archlinux.org/CVE-2021-32490
security.archlinux.org/CVE-2021-32491
security.archlinux.org/CVE-2021-32492
security.archlinux.org/CVE-2021-32493
security.archlinux.org/CVE-2021-3500
src.fedoraproject.org/rpms/djvulibre/blob/4b8d9b4bcb10c24739ca2dcd68a7fba4abe90860/f/djvulibre-3.5.27-integer-overflow.patch
src.fedoraproject.org/rpms/djvulibre/blob/rawhide/f/djvulibre-3.5.27-check-image-size.patch
src.fedoraproject.org/rpms/djvulibre/blob/rawhide/f/djvulibre-3.5.27-check-input-pool.patch
src.fedoraproject.org/rpms/djvulibre/blob/rawhide/f/djvulibre-3.5.27-djvuport-stack-overflow.patch
src.fedoraproject.org/rpms/djvulibre/blob/rawhide/f/djvulibre-3.5.27-unsigned-short-overflow.patch
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
29.4%