Lucene search
K

5 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in DjVuLibre

A flaw was discovered in djvulibre-3.5.28 and earlier. A stack overflow occurred in the function DJVU::DjVuDocument::getdjvufile, due to a malicious djvu file, which could lead to the application crashing and other related issues...

7.8CVSS7.2AI score0.00944EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/07/03 8:52 p.m.5 views

CVE-2025-53367: An exploitable out-of-bounds write in DjVuLibre

DjVuLibre version 3.5.29 was released today. It fixes CVE-2025-53367 GHSL-2025-055, an out-of-bounds OOB write in the MMRDecoder::scanruns method. The vulnerability could be exploited to gain code execution on a Linux Desktop system when the user tries to open a crafted document. DjVu is a docume...

8.4CVSS8.3AI score0.00741EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.4 views

SUSE CVE-2021-3500

A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::getdjvufile via crafted djvu file may lead to application crash and other consequences...

7.5CVSS6.9AI score0.00944EPSS
Exploits0References9
OSV
OSV
added 2021/07/03 11:3 a.m.2 views

OESA-2021-1255 djvulibre security update

DjVu is a set of compression technologies, a file format, and a software platform for the deliveryover the Web of digital documents, scanned documents, and high resolution images.DjVu documents download and display extremely quickly, and look exactly the same on all platforms with no compatibilit...

7.8CVSS7.2AI score0.01001EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2021/06/01 12:0 a.m.5 views

The vulnerability of the function DJVU::DjVuDocument::get_djvu_file() in the DjVuLibre library and utilities allows a perpetrator to execute arbitrary code.

The vulnerability of the function DJVU::DjVuDocument::getdjvufile in the DjVuLibre library and utilities is caused by buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

10CVSS7.8AI score0.00944EPSS
Exploits0References13Affected Software6
Rows per page
Query Builder