What the vulnerability does

01Description

An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::DjVuTXT::decode() in DjVuText.cpp via a crafted djvu file which may lead to crash and segmentation fault. This flaw affects DjVuLibre versions prior to 3.5.28.

Key dates

02Disclosure timeline

June 30, 2021 CVE published
August 3, 2024 Record updated