Debian Djvulibre vulnerabilities
15 known vulnerabilities affecting debian/djvulibre.
Total CVEs: 15
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 7, MEDIUM 3, LOW 4
Vulnerabilities
CVE-2025-53367 | HIGH | CVSS 8.4 | fixed in djvulibre 3.5.28-2.1~deb12u1 (bookworm) | 2025
DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer. This can lead to writes beyond the allocated memory, resulting in a
debian
CVE-2021-32492 | HIGH | CVSS 7.8 | fixed in djvulibre 3.5.28-2 (bookworm) | 2021
A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds read in function DJVU::DataPool::has_data() via crafted djvu file may lead to application crash and other consequences.
Scope: local
bookworm: resolved (fixed in 3.5.28-2)
bullseye: resolved (fixed in 3.5.28-2)
forky: resolved (fixed in 3.5.28-2)
sid: resolved (fixed in 3.5.28-2)
trixie: resolved (
debian
CVE-2021-32490 | HIGH | CVSS 7.8 | fixed in djvulibre 3.5.28-2 (bookworm) | 2021
A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filter_bv() via crafted djvu file may lead to application crash and other consequences.
Scope: local
bookworm: resolved (fixed in 3.5.28-2)
bullseye: resolved (fixed in 3.5.28-2)
forky: resolved (fixed in 3.5.28-2)
sid: resolved (fixed in 3.5.28-2)
trixie: resolved (fixed in
debian
CVE-2021-3500 | HIGH | CVSS 7.8 | fixed in djvulibre 3.5.28-2 (bookworm) | 2021
A flaw was found in djvulibre-3.5.28 and earlier. A stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.
Scope: local
bookworm: resolved (fixed in 3.5.28-2)
bullseye: resolved (fixed in 3.5.28-2)
forky: resolved (fixed in 3.5.28-2)
sid: resolved (fixed in 3.5.28-2)
trixie: resolved
debian
CVE-2021-32493 | HIGH | CVSS 7.8 | fixed in djvulibre 3.5.28-2 (bookworm) | 2021
A flaw was found in djvulibre-3.5.28 and earlier. A heap buffer overflow in function DJVU::GBitmap::decode() via crafted djvu file may lead to application crash and other consequences.
Scope: local
bookworm: resolved (fixed in 3.5.28-2)
bullseye: resolved (fixed in 3.5.28-2)
forky: resolved (fixed in 3.5.28-2)
sid: resolved (fixed in 3.5.28-2)
trixie: resolved (fi
debian
CVE-2021-32491 | HIGH | CVSS 7.8 | fixed in djvulibre 3.5.28-2 (bookworm) | 2021
A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow in function render() in tools/ddjvu via crafted djvu file may lead to application crash and other consequences.
Scope: local
bookworm: resolved (fixed in 3.5.28-2)
bullseye: resolved (fixed in 3.5.28-2)
forky: resolved (fixed in 3.5.28-2)
sid: resolved (fixed in 3.5.28-2)
trixie: resolved (fixed
debian
CVE-2021-3630 | MEDIUM | CVSS 5.5 | fixed in djvulibre 3.5.27.1-12 (bookworm) | 2021
An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::DjVuTXT::decode() in DjVuText.cpp via a crafted djvu file which may lead to crash and segmentation fault. This flaw affects DjVuLibre versions prior to 3.5.28.
Scope: local
bookworm: resolved (fixed in 3.5.27.1-12)
bullseye: resolved (fixed in 3.5.27.1-12)
forky: resolved (fixed in 3.5.27.1-12)
s
debian
CVE-2021-46312 | MEDIUM | CVSS 6.5 | fixed in djvulibre 3.5.28-2.2~deb12u1 (bookworm) | 2021
An issue was discovered in IW44EncodeCodec.cpp in djvulibre 3.5.28 that allows attackers to cause a denial of service via divide by zero.
Scope: local
bookworm: resolved (fixed in 3.5.28-2.2~deb12u1)
bullseye: resolved (fixed in 3.5.28-2.2~deb11u1)
forky: resolved (fixed in 3.5.28-2.2)
sid: resolved (fixed in 3.5.28-2.2)
trixie: resolved (fixed in 3.5.28-2.2)
debian
CVE-2021-46310 | MEDIUM | CVSS 6.5 | fixed in djvulibre 3.5.28-2.2~deb12u1 (bookworm) | 2021
An issue was discovered in IW44Image.cpp in djvulibre 3.5.28 that allows attackers to cause a denial of service via divide by zero.
Scope: local
bookworm: resolved (fixed in 3.5.28-2.2~deb12u1)
bullseye: resolved (fixed in 3.5.28-2.2~deb11u1)
forky: resolved (fixed in 3.5.28-2.2)
sid: resolved (fixed in 3.5.28-2.2)
trixie: resolved (fixed in 3.5.28-2.2)
debian
CVE-2019-18804 | HIGH | CVSS 7.5 | fixed in djvulibre 3.5.27.1-14 (bookworm) | 2019
DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp.
Scope: local
bookworm: resolved (fixed in 3.5.27.1-14)
bullseye: resolved (fixed in 3.5.27.1-14)
forky: resolved (fixed in 3.5.27.1-14)
sid: resolved (fixed in 3.5.27.1-14)
trixie: resolved (fixed in 3.5.27.1-14)
debian
CVE-2019-15142 | LOW | CVSS 5.5 | fixed in djvulibre 3.5.27.1-11 (bookworm) | 2019
CVE-2019-15142 [MEDIUM] CVE-2019-15142: djvulibre - In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers t...
In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file.
Scope: local
bookworm: resolved (fixed in 3.5.27.1-11)
bullseye: resolved (fixed in 3.5.27.1-11)
forky: resolved (fixed in 3.5
debian
CVE-2019-15143 | LOW | CVSS 5.5 | fixed in djvulibre 3.5.27.1-11 (bookworm) | 2019
CVE-2019-15143 [MEDIUM] CVE-2019-15143: djvulibre - In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a den...
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp.
Scope: local
bookworm: resolved (fixed in 3.5.27.1-11)
bullseye: resolved (fixed in 3.5.27.1-11)
fork
debian
CVE-2019-15145 | LOW | CVSS 5.5 | fixed in djvulibre 3.5.27.1-11 (bookworm) | 2019
CVE-2019-15145 [MEDIUM] CVE-2019-15145: djvulibre - DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (applicati...
DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h.
Scope: local
bookworm: resolved (fixed in 3.5.27.1-11)
bullseye: re
debian
CVE-2019-15144 | LOW | CVSS 5.5 | fixed in djvulibre 3.5.27.1-11 (bookworm) | 2019
CVE-2019-15144 [MEDIUM] CVE-2019-15144: djvulibre - In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) ...
In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h.
Scope: local
bookworm: resolved (fixed in 3.5.27.1-11)
bullseye: resolved (fixed in 3.5.27.1-11)
forky: resolved (fixe
debian
CVE-2012-6535 | CRITICAL | CVSS 9.3 | fixed in djvulibre 3.5.25.3-1 (bookworm) | 2012
DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DjVu (aka .djv) file.
Scope: local
bookworm: resolved (fixed in 3.5.25.3-1)
bullseye: resolved (fixed in 3.5.25.3-1)
forky: resolved (fixed in 3.5.25.3-1)
s
debian