19 matches found
openSUSE Security Advisory (SUSE-SU-2025:02703-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : djvulibre (SUSE-SU-2025:02695-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:02695-1 advisory. - CVE-2025-53367: Fixed a bug where a crafted document may lead to an out of bound write. bsc1245773 Tenable has extracted the preceding description...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : djvulibre (SUSE-SU-2025:02703-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02703-1 advisory. - CVE-2025-53367: Fixed a bug where a crafted document may lead to an out of bound write. bsc1245773...
SUSE-SU-2025:02703-1 Security update for djvulibre
This update for djvulibre fixes the following issues: - CVE-2025-53367: Fixed a bug where a crafted document may lead to an out of bound write. bsc1245773...
SUSE-SU-2025:02695-1 Security update for djvulibre
This update for djvulibre fixes the following issues: - CVE-2025-53367: Fixed a bug where a crafted document may lead to an out of bound write. bsc1245773...
Important: djvulibre
Issue Overview: DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the...
Amazon Linux 2 : djvulibre (ALASMATE-DESKTOP1.X-2025-010)
The version of djvulibre installed on the remote host is prior to 3.5.27-30. It is, therefore, affected by a vulnerability as referenced in the ALAS2MATE-DESKTOP1.X-2025-010 advisory. DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to...
Debian dla-4247 : djview - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4247 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4247-1 [email protected]...
Fedora: Security Advisory (FEDORA-2025-e286662e59)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 41 : mingw-djvulibre (2025-0f35c5dbbb)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-0f35c5dbbb advisory. Update to 3.5.29, fixes CVE-2025-53367. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
Fedora 42 : mingw-djvulibre (2025-e286662e59)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-e286662e59 advisory. Update to 3.5.29, fixes CVE-2025-53367. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
Fedora: Security Advisory (FEDORA-2025-0f35c5dbbb)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
djvulibre-3.5.29-1.1 on GA media (moderate)
djvulibre-3.5.29-1.1 on GA media Announcement ID: openSUSE-SU-2025:15319-1 Rating: moderate Cross-References: CVE-2025-53367 CVSS scores: CVE-2025-53367 SUSE : 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H CVE-2025-53367 SUSE : 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:...
Debian: Security Advisory (DSA-5960-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 5960-1] djvulibre security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5960-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 07, 2025 https://www.debian.org/security/faq -...
Debian dsa-5960 : djview - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5960 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5960-1 [email protected] https://www.debian.org/security/...
CVE-2025-53367
DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer...
CVE-2025-53367
DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer...
CVE-2025-53367
creationtimestamp| type| source ---|---|--- 2025-07-03 18:02:01+00:00| seen| https://seclists.org/oss-sec/2025/q3/5 2025-07-03 18:52:20+00:00| seen| https://github.blog/security/vulnerability-research/cve-2025-53367-an-exploitable-out-of-bounds-write-in-djvulibre/ 2025-07-03 20:26:47+00:00| seen|...