Product:

Djvulibre

(Djvulibre_project)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 14
Date Id Summary Products Score Patch Annotated
2019-08-18 CVE-2019-15144 In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h. Ubuntu_linux, Debian_linux, Djvulibre, Fedora, Leap 5.5
2019-08-18 CVE-2019-15145 DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h. Ubuntu_linux, Debian_linux, Djvulibre, Fedora, Leap 5.5
2019-11-07 CVE-2019-18804 DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp. Ubuntu_linux, Debian_linux, Djvulibre, Fedora, Leap 7.5
2013-12-02 CVE-2012-6535 DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DjVu (aka .djv) file. Djvulibre N/A