CVE-2025-53367 (severity: HIGH)

CVE-2025-53367: DjVuLibre OOB-Write Vulnerability in MMRDecoder

Vendor Djvunet
Product DjVuLibre
Weakness CWE-787
Published July 3, 2025
Last update November 4, 2025

CVSS base score

8.4/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Active
Confidentiality High
Integrity High

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

Description

DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability: it does not check that the xr pointer stays within the bounds of the allocated buffer, so decoding can write beyond the allocated memory and corrupt the heap. An out-of-bounds read through the pr pointer is also possible for the same reason. This issue has been patched in version 3.5.29.
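To make the defect class concrete, here is an added, constructed example (not DjVuLibre's code, and not the patched scanruns): a simplified scanruns-like routine that emits MMR-style run lengths through a moving xr pointer, with the bound check that the advisory says was missing. The function names, buffer layout and the sample rows are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed illustration, not DjVuLibre's code: a scanruns-like routine that
 * turns one row of bilevel pixels into run lengths written through a moving
 * pointer xr. CVE-2025-53367 is the pattern where xr is never compared against
 * the end of the buffer; the check below is the defence the advisory describes. */

#define RUN_OVERFLOW (-1)

/* Writes run lengths (white run first, as in MMR/G4) into runs[0..max_runs).
 * Returns the number of runs, or RUN_OVERFLOW if xr would leave the buffer. */
int scanruns_checked(const uint8_t *row, size_t width,
                     uint16_t *runs, size_t max_runs)
{
    uint16_t *xr = runs;
    uint16_t *xr_end = runs + max_runs;   /* one past the last writable slot */
    uint8_t color = 0;                    /* 0 = white, 1 = black */
    size_t start = 0;

    for (size_t x = 0; x <= width; x++) {
        /* A run ends at a color change or at the end of the row. */
        if (x == width || row[x] != color) {
            if (xr >= xr_end)
                return RUN_OVERFLOW;      /* the bound the vulnerable code lacked */
            *xr++ = (uint16_t)(x - start);
            start = x;
            if (x < width)
                color = row[x];
        }
    }
    return (int)(xr - runs);
}

/* Worst case: a row starting black and alternating every pixel needs width + 1
 * runs, so a buffer sized to 'width' is exactly what an unchecked xr overruns. */
size_t max_runs_for_width(size_t width) { return width + 1; }

int main(void)
{
    const uint8_t row[] = {1, 0, 1, 0};   /* constructed worst-case row */
    uint16_t small[4], big[5];
    printf("buffer of 4: %d\n", scanruns_checked(row, 4, small, 4));  /* -1 */
    printf("buffer of 5: %d\n", scanruns_checked(row, 4, big, 5));    /*  5 */
    return 0;
}
```

The point for a reviewer or fuzzing harness is the worst-case input: a row that begins with black and alternates produces one more run than it has pixels, so any run buffer sized from the image width alone is exactly what an unchecked write pointer walks past.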

Key dates

Disclosure timeline

July 3, 2025 CVE published
November 4, 2025 Record updated