Lucene search

[email protected]CVE-2021-46312

HistoryAug 22, 2023 - 7:16 p.m.

CVE-2021-46312

2023-08-2219:16:21

CWE-369

[email protected]

web.nvd.nist.gov

cve-2021-46312

djvulibre

denial of service

divide by zero

security issue

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

27.4%

JSON

An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero.

Affected configurations

NVD

Node

djvulibre_projectdjvulibreMatch3.5.28

VendorProductVersionCPE
djvulibre_projectdjvulibre3.5.28cpe:/a:djvulibre_project:djvulibre:3.5.28:::

Vendor	Product	Version	CPE
djvulibre_project	djvulibre	3.5.28	cpe:/a:djvulibre_project:djvulibre:3.5.28:::

References

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4APFAWR7QE27GXQMRKR6XKNZWWUJ5YMH/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HN4JOIBNMJMW2NQSGT6DCDCQZJ2ROFM7/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEEGAR4WUF6LTOJEHSON7I2MBTPFTVR5/

sourceforge.net/p/djvu/bugs/344/

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

27.4%

JSON

Related for CVE-2021-46312

cvelist1 vulnrichment1 debiancve1 alpinelinux1 prion1 veracode1 ubuntucve1 nvd1 nessus6 fedora3 openvas6 mageia1 redos1 rosalinux1