Vulnerabilities > Djvulibre Project

DATE CVE VULNERABILITY TITLE RISK
2023-08-22 CVE-2021-46310 Divide By Zero vulnerability in Djvulibre Project Djvulibre 3.5.28
An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero.
network
low complexity
djvulibre-project CWE-369
6.5
2023-08-22 CVE-2021-46312 Divide By Zero vulnerability in Djvulibre Project Djvulibre 3.5.28
An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero.
network
low complexity
djvulibre-project CWE-369
6.5
2021-06-30 CVE-2021-3630 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::DjVuTXT::decode() in DjVuText.cpp via a crafted djvu file which may lead to crash and segmentation fault.
5.5
2021-06-24 CVE-2021-32490 Out-of-bounds Write vulnerability in multiple products
A flaw was found in djvulibre-3.5.28 and earlier.
local
low complexity
djvulibre-project debian CWE-787
7.8
2021-06-24 CVE-2021-32491 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in djvulibre-3.5.28 and earlier.
local
low complexity
djvulibre-project debian CWE-190
7.8
2021-06-24 CVE-2021-32492 Out-of-bounds Read vulnerability in multiple products
A flaw was found in djvulibre-3.5.28 and earlier.
local
low complexity
djvulibre-project debian CWE-125
7.8
2021-06-24 CVE-2021-32493 Out-of-bounds Write vulnerability in multiple products
A flaw was found in djvulibre-3.5.28 and earlier.
local
low complexity
djvulibre-project debian CWE-787
7.8
2021-06-24 CVE-2021-3500 A flaw was found in djvulibre-3.5.28 and earlier.
local
low complexity
djvulibre-project debian
7.8
2019-11-07 CVE-2019-18804 NULL Pointer Dereference vulnerability in multiple products
DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp.
7.5
2019-08-18 CVE-2019-15145 Out-of-bounds Read vulnerability in multiple products
DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h.
5.5