CVE-2021-3500

Опубликовано: 24 июн. 2021

Источник: debian

Описание

A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
djvulibre	fixed	3.5.28-2		package

Примечания

https://bugzilla.redhat.com/show_bug.cgi?id=1943685
Patch in Fedora (not upstream'ed): https://src.fedoraproject.org/rpms/djvulibre/c/fc359410f7131e4ea0a892ef78e6da72f29afeee.patch
https://sourceforge.net/p/djvu/djvulibre-git/ci/cd8b5c97b27a5c1dc83046498b6ca49ad20aa9b6/ (chunk #2 / Patch11) (fixed differently)

Связанные уязвимости

CVE-2021-3500

CVSS3: 7.8

ubuntu

больше 4 лет назад

A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.

CVE-2021-3500

CVSS3: 7.8

nvd

больше 4 лет назад

A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.

openSUSE-SU-2021:1948-1

suse-cvrf

больше 4 лет назад

Security update for djvulibre

openSUSE-SU-2021:0877-1

suse-cvrf

больше 4 лет назад

Security update for djvulibre

SUSE-SU-2021:1948-1

suse-cvrf

больше 4 лет назад

Security update for djvulibre