Advisory ROSA-SA-2026-3242

software: djvulibre 3.5.29 WASP: ROSA-CHROME unaffected versions = djvulibre-3.5.29-1 affected versions djvulibre-3.5.29-1 CVE-ID: CVE-2021-46312 BDU-ID: 2023-05878 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the IW44EncodeCodec.cpp component of the library for viewing, creating, editing DjVu...

USN-8054-1 djvulibre vulnerabilities

It was discovered that DjVuLibre could be forced to execute a division by zero in certain instances. A remote attacker could possibly use this issue to cause applications to stop responding or crash, resulting in a denial of service. CVE-2021-46312 It was discovered that DjVuLibre incorrectly...

ROS-20250904-09

Vulnerability in the IW44Image.cpp component of the library for viewing, creating, editing DjVu files DjVuLibre is related to errors of bounds checking when processing unreliable input data in method MMRDecoder::scanruns method. Exploitation of the vulnerability could allow an attacker acting...

Linux Distros Unpatched Vulnerability : CVE-2021-46310

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero. CVE-2021-46310 Note that Nessus...

The vulnerability of the function DJVU::DjVuDocument::get_djvu_file() in the DjVuLibre library and utilities allows a perpetrator to execute arbitrary code.

The vulnerability of the function DJVU::DjVuDocument::getdjvufile in the DjVuLibre library and utilities is caused by buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code...