5 matches found
Astra Linux – Vulnerability in DjVuLibre
DjVuLibre 3.5.27 allows attackers to carry out a denial-of-service attack application crashes due to an out-of-bounds read by creating a corrupted JB2 image file. This occurs due to improper handling of the JB2 image file in the JB2Dict::JB2Codec::getdirectcontext function in libdjvu/JB2Image.h,...
Unity Linux 20.1070e Security Update: djvulibre (UTSA-2025-680671)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680671 advisory. DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack application crash via an out-of- bounds read by crafting a corrupted JB2 image file that is...
DEBIAN-CVE-2019-15145
DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack application crash via an out-of-bounds read by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::getdirectcontext in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h...
UBUNTU-CVE-2019-15145
DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack application crash via an out-of-bounds read by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::getdirectcontext in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h...
DjVuLibre Buffer Overflow Vulnerability (CNVD-2019-29361)
DjVuLibre is an open source implementation of DjVu computer file format that includes a DjVu file viewer, browser plug-in, DjVu file decoder/encoder and other utilities. A buffer overflow vulnerability exists in DjVuLibre version 3.5.27, which stems from a failure to perform zero-byte checking in...