Djvulibre Project Djvulibre vulnerabilities
15 known vulnerabilities affecting djvulibre_project/djvulibre.
Total CVEs: 15
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 7, MEDIUM 7
Vulnerabilities
CVE-2025-53367 | HIGH | CVSS 8.4 | ≥ 0, < 3.5.28-2.2~deb11u1; ≥ 0, < 3.5.28-2.1~deb12u1; +1 more | 2025-07-03
DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer. This can lead to writes beyond the allocated memory, resulting
Source: osv
CVE-2021-46310 | MEDIUM | CVSS 6.5 | CWE-369 | v3.5.28 | 2023-08-22
An issue was discovered in IW44Image.cpp in djvulibre 3.5.28 that allows attackers to cause a denial of service via divide by zero.
Sources: nvd, osv
CVE-2021-46312 | MEDIUM | CVSS 6.5 | CWE-369 | v3.5.28 | 2023-08-22
An issue was discovered in IW44EncodeCodec.cpp in djvulibre 3.5.28 that allows attackers to cause a denial of service via divide by zero.
Sources: nvd, osv
CVE-2021-3630 | MEDIUM | CVSS 5.5 | CWE-787 | fixed in 3.5.28 | vDjVuLibre 3.5.28 | 2021-06-30
An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::DjVuTXT::decode() in DjVuText.cpp via a crafted djvu file which may lead to crash and segmentation fault. This flaw affects DjVuLibre versions prior to 3.5.28.
Sources: nvd, osv
CVE-2021-32490 | HIGH | CVSS 7.8 | CWE-119 | ≤ 3.5.28 | vdjvulibre-3.5.28 and earlier | 2021-06-24
A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filter_bv() via crafted djvu file may lead to application crash and other consequences.
Sources: nvd, osv
CVE-2021-32492 | HIGH | CVSS 7.8 | CWE-119 | ≤ 3.5.28 | vdjvulibre-3.5.28 and earlier | 2021-06-24
A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds read in function DJVU::DataPool::has_data() via crafted djvu file may lead to application crash and other consequences.
Sources: nvd, osv
CVE-2021-32491 | HIGH | CVSS 7.8 | CWE-190 | ≤ 3.5.28 | vdjvulibre-3.5.28 and earlier | 2021-06-24
A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow in function render() in tools/ddjvu via crafted djvu file may lead to application crash and other consequences.
Sources: nvd, osv
CVE-2021-32493 | HIGH | CVSS 7.8 | CWE-119 | ≤ 3.5.28 | vdjvulibre-3.5.28 and earlier | 2021-06-24
A flaw was found in djvulibre-3.5.28 and earlier. A heap buffer overflow in function DJVU::GBitmap::decode() via crafted djvu file may lead to application crash and other consequences.
Sources: nvd, osv
CVE-2021-3500 | HIGH | CVSS 7.8 | CWE-787 | ≤ 3.5.28 | vdjvulibre-3.5.28 and earlier | 2021-06-24
A flaw was found in djvulibre-3.5.28 and earlier. A stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.
Sources: nvd, osv
CVE-2019-18804 | HIGH | CVSS 7.5 | CWE-476 | v3.5.27 | 2019-11-07
DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp.
Sources: nvd, osv
CVE-2019-15143 | MEDIUM | CVSS 5.5 | CWE-835 | v3.5.27 | 2019-08-18
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp.
Sources: nvd, osv
CVE-2019-15142 | MEDIUM | CVSS 5.5 | CWE-125 | v3.5.27 | 2019-08-18
In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file.
Sources: nvd, osv
CVE-2019-15145 | MEDIUM | CVSS 5.5 | CWE-125 | v3.5.27 | 2019-08-18
DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h.
Sources: nvd, osv
CVE-2019-15144 | MEDIUM | CVSS 5.5 | CWE-674 | v3.5.27 | 2019-08-18
In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h.
Sources: nvd, osv
CVE-2012-6535 | CRITICAL | CVSS 9.3 | CWE-94 | ≤ 3.5.25 | v3.5.1 | +23 more | 2013-12-02
DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DjVu (aka .djv) file.
Sources: nvd, osv