Total vulnerabilities in the database
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp.
| Software | From | Fixed in |
|---|---|---|
| djvulibre_project / djvulibre | 3.5.27 | 3.5.27.x |
| debian / debian_linux | 8.0 | 8.0.x |
| debian / debian_linux | 9.0 | 9.0.x |
| debian / debian_linux | 10.0 | 10.0.x |
| debian / debian_linux | 11.0 | 11.0.x |
| fedoraproject / fedora | 29 | 29.x |
| fedoraproject / fedora | 30 | 30.x |
| fedoraproject / fedora | 31 | 31.x |
| canonical / ubuntu_linux | 18.04 | 18.04.x |
| canonical / ubuntu_linux | 19.04 | 19.04.x |
| canonical / ubuntu_linux | 19.10 | 19.10.x |
| canonical / ubuntu_linux | 16.04 | 16.04.x |
| opensuse / leap | 15.0 | 15.0.x |
| opensuse / leap | 15.1 | 15.1.x |