Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-3500 (GCVE-0-2021-3500)
Vulnerability from cvelistv5
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1943685 | Issue Tracking, Third Party Advisory | |
secalert@redhat.com | https://www.debian.org/security/2021/dsa-5032 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1943685 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-5032 | Third Party Advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:53:17.850Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943685" }, { "name": "DSA-5032", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-5032" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "djvulibre", "vendor": "n/a", "versions": [ { "status": "affected", "version": "djvulibre-3.5.28 and earlier" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-12-28T22:06:30", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943685" }, { "name": "DSA-5032", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-5032" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-3500", "datePublished": "2021-06-24T18:02:00", "dateReserved": "2021-04-15T00:00:00", "dateUpdated": "2024-08-03T16:53:17.850Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2021-3500\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2021-06-24T19:15:09.140\",\"lastModified\":\"2024-11-21T06:21:41.537\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 un fallo en djvulibre versiones 3.5.28 y anteriores. Un desbordamiento de pila en la funci\u00f3n DJVU::DjVuDocument::get_djvu_file() por medio de un archivo djvu dise\u00f1ado puede conllevar al bloqueo de la aplicaci\u00f3n y otras consecuencias\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:djvulibre_project:djvulibre:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.5.28\",\"matchCriteriaId\":\"823F45A3-A9F2-4E3B-9314-C452AC287E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1943685\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-5032\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1943685\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-5032\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
ghsa-5h3c-qqwc-xg6r
Vulnerability from github
A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.
{ "affected": [], "aliases": [ "CVE-2021-3500" ], "database_specific": { "cwe_ids": [ "CWE-119", "CWE-787" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2021-06-24T19:15:00Z", "severity": "HIGH" }, "details": "A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.", "id": "GHSA-5h3c-qqwc-xg6r", "modified": "2022-05-24T19:06:13Z", "published": "2022-05-24T19:06:13Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3500" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943685" }, { "type": "WEB", "url": "https://www.debian.org/security/2021/dsa-5032" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }
suse-su-2021:14738-1
Vulnerability from csaf_suse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for djvulibre", "title": "Title of the patch" }, { "category": "description", "text": "This update for djvulibre fixes the following issues:\n\n- CVE-2021-3500: Stack overflow in function DJVU:DjVuDocument:get_djvu_file() via crafted djvu file (bsc#1186253)\n", "title": "Description of the patch" }, { "category": "details", "text": "sleposp3-djvulibre-14738,slessp4-djvulibre-14738", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_14738-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2021:14738-1", "url": "https://www.suse.com/support/update/announcement/2021/suse-su-202114738-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2021:14738-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-May/008890.html" }, { "category": "self", "summary": "SUSE Bug 1186253", "url": "https://bugzilla.suse.com/1186253" }, { "category": "self", "summary": "SUSE CVE CVE-2021-3500 page", "url": "https://www.suse.com/security/cve/CVE-2021-3500/" } ], "title": "Security update for djvulibre", "tracking": { "current_release_date": "2021-05-31T14:27:21Z", "generator": { "date": "2021-05-31T14:27:21Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2021:14738-1", "initial_release_date": "2021-05-31T14:27:21Z", "revision_history": [ { "date": "2021-05-31T14:27:21Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "libdjvulibre21-3.5.21-3.12.1.i586", "product": { "name": "libdjvulibre21-3.5.21-3.12.1.i586", "product_id": "libdjvulibre21-3.5.21-3.12.1.i586" } } ], "category": "architecture", "name": "i586" }, { "branches": [ { "category": "product_version", "name": "libdjvulibre21-3.5.21-3.12.1.ppc64", "product": { "name": "libdjvulibre21-3.5.21-3.12.1.ppc64", "product_id": "libdjvulibre21-3.5.21-3.12.1.ppc64" } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "libdjvulibre21-3.5.21-3.12.1.s390x", "product": { "name": "libdjvulibre21-3.5.21-3.12.1.s390x", "product_id": "libdjvulibre21-3.5.21-3.12.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "libdjvulibre21-3.5.21-3.12.1.x86_64", "product": { "name": "libdjvulibre21-3.5.21-3.12.1.x86_64", "product_id": "libdjvulibre21-3.5.21-3.12.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Point of Sale 11 SP3", "product": { "name": "SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-pos:11:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 11 SP4-LTSS", "product": { "name": "SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_sles:11:sp4" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.21-3.12.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:libdjvulibre21-3.5.21-3.12.1.i586" }, "product_reference": "libdjvulibre21-3.5.21-3.12.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.21-3.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.i586" }, "product_reference": "libdjvulibre21-3.5.21-3.12.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.21-3.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.ppc64" }, "product_reference": "libdjvulibre21-3.5.21-3.12.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.21-3.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.s390x" }, "product_reference": "libdjvulibre21-3.5.21-3.12.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.21-3.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.21-3.12.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-3500", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2021-3500" } ], "notes": [ { "category": "general", "text": "A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:libdjvulibre21-3.5.21-3.12.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2021-3500", "url": "https://www.suse.com/security/cve/CVE-2021-3500" }, { "category": "external", "summary": "SUSE Bug 1186253 for CVE-2021-3500", "url": "https://bugzilla.suse.com/1186253" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:libdjvulibre21-3.5.21-3.12.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:libdjvulibre21-3.5.21-3.12.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:libdjvulibre21-3.5.21-3.12.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2021-05-31T14:27:21Z", "details": "important" } ], "title": "CVE-2021-3500" } ] }
suse-su-2021:1813-1
Vulnerability from csaf_suse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for djvulibre", "title": "Title of the patch" }, { "category": "description", "text": "This update for djvulibre fixes the following issues:\n\n- CVE-2021-3500: Stack overflow in function DJVU:DjVuDocument:get_djvu_file() via crafted djvu file (bsc#1186253)\n", "title": "Description of the patch" }, { "category": "details", "text": "HPE-Helion-OpenStack-8-2021-1813,SUSE-2021-1813,SUSE-OpenStack-Cloud-8-2021-1813,SUSE-OpenStack-Cloud-9-2021-1813,SUSE-OpenStack-Cloud-Crowbar-8-2021-1813,SUSE-OpenStack-Cloud-Crowbar-9-2021-1813,SUSE-SLE-SAP-12-SP3-2021-1813,SUSE-SLE-SAP-12-SP4-2021-1813,SUSE-SLE-SDK-12-SP5-2021-1813,SUSE-SLE-SERVER-12-SP2-BCL-2021-1813,SUSE-SLE-SERVER-12-SP3-2021-1813,SUSE-SLE-SERVER-12-SP3-BCL-2021-1813,SUSE-SLE-SERVER-12-SP4-LTSS-2021-1813,SUSE-SLE-SERVER-12-SP5-2021-1813", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_1813-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2021:1813-1", "url": "https://www.suse.com/support/update/announcement/2021/suse-su-20211813-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2021:1813-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-May/008888.html" }, { "category": "self", "summary": "SUSE Bug 1186253", "url": "https://bugzilla.suse.com/1186253" }, { "category": "self", "summary": "SUSE CVE CVE-2021-3500 page", "url": "https://www.suse.com/security/cve/CVE-2021-3500/" } ], "title": "Security update for djvulibre", "tracking": { "current_release_date": "2021-05-31T14:28:50Z", "generator": { "date": "2021-05-31T14:28:50Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2021:1813-1", "initial_release_date": "2021-05-31T14:28:50Z", "revision_history": [ { "date": "2021-05-31T14:28:50Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.25.3-5.12.1.aarch64", "product": { "name": "djvulibre-3.5.25.3-5.12.1.aarch64", "product_id": "djvulibre-3.5.25.3-5.12.1.aarch64" } }, { "category": "product_version", "name": "djvulibre-doc-3.5.25.3-5.12.1.aarch64", "product": { "name": "djvulibre-doc-3.5.25.3-5.12.1.aarch64", "product_id": "djvulibre-doc-3.5.25.3-5.12.1.aarch64" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.25.3-5.12.1.aarch64", "product": { "name": "libdjvulibre-devel-3.5.25.3-5.12.1.aarch64", "product_id": "libdjvulibre-devel-3.5.25.3-5.12.1.aarch64" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.25.3-5.12.1.aarch64", "product": { "name": "libdjvulibre21-3.5.25.3-5.12.1.aarch64", "product_id": "libdjvulibre21-3.5.25.3-5.12.1.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.25.3-5.12.1.i586", "product": { "name": "djvulibre-3.5.25.3-5.12.1.i586", "product_id": "djvulibre-3.5.25.3-5.12.1.i586" } }, { "category": "product_version", "name": "djvulibre-doc-3.5.25.3-5.12.1.i586", "product": { "name": "djvulibre-doc-3.5.25.3-5.12.1.i586", "product_id": "djvulibre-doc-3.5.25.3-5.12.1.i586" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.25.3-5.12.1.i586", "product": { "name": "libdjvulibre-devel-3.5.25.3-5.12.1.i586", "product_id": "libdjvulibre-devel-3.5.25.3-5.12.1.i586" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.25.3-5.12.1.i586", "product": { "name": "libdjvulibre21-3.5.25.3-5.12.1.i586", "product_id": "libdjvulibre21-3.5.25.3-5.12.1.i586" } } ], "category": "architecture", "name": "i586" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.25.3-5.12.1.ppc64le", "product": { "name": "djvulibre-3.5.25.3-5.12.1.ppc64le", "product_id": "djvulibre-3.5.25.3-5.12.1.ppc64le" } }, { "category": "product_version", "name": "djvulibre-doc-3.5.25.3-5.12.1.ppc64le", "product": { "name": "djvulibre-doc-3.5.25.3-5.12.1.ppc64le", "product_id": "djvulibre-doc-3.5.25.3-5.12.1.ppc64le" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.25.3-5.12.1.ppc64le", "product": { "name": "libdjvulibre-devel-3.5.25.3-5.12.1.ppc64le", "product_id": "libdjvulibre-devel-3.5.25.3-5.12.1.ppc64le" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "product": { "name": "libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "product_id": "libdjvulibre21-3.5.25.3-5.12.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.25.3-5.12.1.s390", "product": { "name": "djvulibre-3.5.25.3-5.12.1.s390", "product_id": "djvulibre-3.5.25.3-5.12.1.s390" } }, { "category": "product_version", "name": "djvulibre-doc-3.5.25.3-5.12.1.s390", "product": { "name": "djvulibre-doc-3.5.25.3-5.12.1.s390", "product_id": "djvulibre-doc-3.5.25.3-5.12.1.s390" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.25.3-5.12.1.s390", "product": { "name": "libdjvulibre-devel-3.5.25.3-5.12.1.s390", "product_id": "libdjvulibre-devel-3.5.25.3-5.12.1.s390" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.25.3-5.12.1.s390", "product": { "name": "libdjvulibre21-3.5.25.3-5.12.1.s390", "product_id": "libdjvulibre21-3.5.25.3-5.12.1.s390" } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.25.3-5.12.1.s390x", "product": { "name": "djvulibre-3.5.25.3-5.12.1.s390x", "product_id": "djvulibre-3.5.25.3-5.12.1.s390x" } }, { "category": "product_version", "name": "djvulibre-doc-3.5.25.3-5.12.1.s390x", "product": { "name": "djvulibre-doc-3.5.25.3-5.12.1.s390x", "product_id": "djvulibre-doc-3.5.25.3-5.12.1.s390x" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.25.3-5.12.1.s390x", "product": { "name": "libdjvulibre-devel-3.5.25.3-5.12.1.s390x", "product_id": "libdjvulibre-devel-3.5.25.3-5.12.1.s390x" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.25.3-5.12.1.s390x", "product": { "name": "libdjvulibre21-3.5.25.3-5.12.1.s390x", "product_id": "libdjvulibre21-3.5.25.3-5.12.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "libdjvulibre21-3.5.25.3-5.12.1.x86_64", "product": { "name": "libdjvulibre21-3.5.25.3-5.12.1.x86_64", "product_id": "libdjvulibre21-3.5.25.3-5.12.1.x86_64" } }, { "category": "product_version", "name": "djvulibre-3.5.25.3-5.12.1.x86_64", "product": { "name": "djvulibre-3.5.25.3-5.12.1.x86_64", "product_id": "djvulibre-3.5.25.3-5.12.1.x86_64" } }, { "category": "product_version", "name": "djvulibre-doc-3.5.25.3-5.12.1.x86_64", "product": { "name": "djvulibre-doc-3.5.25.3-5.12.1.x86_64", "product_id": "djvulibre-doc-3.5.25.3-5.12.1.x86_64" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.25.3-5.12.1.x86_64", "product": { "name": "libdjvulibre-devel-3.5.25.3-5.12.1.x86_64", "product_id": "libdjvulibre-devel-3.5.25.3-5.12.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "HPE Helion OpenStack 8", "product": { "name": "HPE Helion OpenStack 8", "product_id": "HPE Helion OpenStack 8", "product_identification_helper": { "cpe": "cpe:/o:suse:hpe-helion-openstack:8" } } }, { "category": "product_name", "name": "SUSE OpenStack Cloud 8", "product": { "name": "SUSE OpenStack Cloud 8", "product_id": "SUSE OpenStack Cloud 8", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-openstack-cloud:8" } } }, { "category": "product_name", "name": "SUSE OpenStack Cloud 9", "product": { "name": "SUSE OpenStack Cloud 9", "product_id": "SUSE OpenStack Cloud 9", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-openstack-cloud:9" } } }, { "category": "product_name", "name": "SUSE OpenStack Cloud Crowbar 8", "product": { "name": "SUSE OpenStack Cloud Crowbar 8", "product_id": "SUSE OpenStack Cloud Crowbar 8", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8" } } }, { "category": "product_name", "name": "SUSE OpenStack Cloud Crowbar 9", "product": { "name": "SUSE OpenStack Cloud Crowbar 9", "product_id": "SUSE OpenStack Cloud Crowbar 9", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:12:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:12:sp4" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Software Development Kit 12 SP5", "product": { "name": "SUSE Linux Enterprise Software Development Kit 12 SP5", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-sdk:12:sp5" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP2-BCL", "product": { "name": "SUSE Linux Enterprise Server 12 SP2-BCL", "product_id": "SUSE Linux Enterprise Server 12 SP2-BCL", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-bcl:12:sp2" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP3-LTSS", "product": { "name": "SUSE Linux Enterprise Server 12 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:12:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP3-BCL", "product": { "name": "SUSE Linux Enterprise Server 12 SP3-BCL", "product_id": "SUSE Linux Enterprise Server 12 SP3-BCL", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-bcl:12:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP4-LTSS", "product": { "name": "SUSE Linux Enterprise Server 12 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:12:sp4" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 12 SP5", "product": { "name": "SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5", "product_identification_helper": { "cpe": "cpe:/o:suse:sles:12:sp5" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:12:sp5" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.x86_64 as component of HPE Helion OpenStack 8", "product_id": "HPE Helion OpenStack 8:libdjvulibre21-3.5.25.3-5.12.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.x86_64", "relates_to_product_reference": "HPE Helion OpenStack 8" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.x86_64 as component of SUSE OpenStack Cloud 8", "product_id": "SUSE OpenStack Cloud 8:libdjvulibre21-3.5.25.3-5.12.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 8" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.x86_64 as component of SUSE OpenStack Cloud 9", "product_id": "SUSE OpenStack Cloud 9:libdjvulibre21-3.5.25.3-5.12.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 9" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", "product_id": "SUSE OpenStack Cloud Crowbar 8:libdjvulibre21-3.5.25.3-5.12.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", "product_id": "SUSE OpenStack Cloud Crowbar 9:libdjvulibre21-3.5.25.3-5.12.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libdjvulibre21-3.5.25.3-5.12.1.ppc64le" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libdjvulibre21-3.5.25.3-5.12.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libdjvulibre21-3.5.25.3-5.12.1.ppc64le" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libdjvulibre21-3.5.25.3-5.12.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.25.3-5.12.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.aarch64" }, "product_reference": "libdjvulibre-devel-3.5.25.3-5.12.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.25.3-5.12.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.ppc64le" }, "product_reference": "libdjvulibre-devel-3.5.25.3-5.12.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.25.3-5.12.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.s390x" }, "product_reference": "libdjvulibre-devel-3.5.25.3-5.12.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.25.3-5.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5", "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.25.3-5.12.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", "product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:libdjvulibre21-3.5.25.3-5.12.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.aarch64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.ppc64le" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.s390x" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", "product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:libdjvulibre21-3.5.25.3-5.12.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.aarch64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.ppc64le" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.s390x" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.aarch64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.ppc64le" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.s390x as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.s390x" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", "product_id": "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.aarch64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.ppc64le" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.s390x" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.25.3-5.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.25.3-5.12.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-3500", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2021-3500" } ], "notes": [ { "category": "general", "text": "A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.", "title": "CVE description" } ], "product_status": { "recommended": [ "HPE Helion OpenStack 8:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.s390x", "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.x86_64", "SUSE OpenStack Cloud 8:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE OpenStack Cloud 9:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:libdjvulibre21-3.5.25.3-5.12.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2021-3500", "url": "https://www.suse.com/security/cve/CVE-2021-3500" }, { "category": "external", "summary": "SUSE Bug 1186253 for CVE-2021-3500", "url": "https://bugzilla.suse.com/1186253" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "HPE Helion OpenStack 8:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.s390x", "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.x86_64", "SUSE OpenStack Cloud 8:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE OpenStack Cloud 9:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:libdjvulibre21-3.5.25.3-5.12.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "HPE Helion OpenStack 8:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.aarch64", "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.s390x", "SUSE Linux Enterprise Server 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:libdjvulibre-devel-3.5.25.3-5.12.1.x86_64", "SUSE OpenStack Cloud 8:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE OpenStack Cloud 9:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:libdjvulibre21-3.5.25.3-5.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:libdjvulibre21-3.5.25.3-5.12.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2021-05-31T14:28:50Z", "details": "important" } ], "title": "CVE-2021-3500" } ] }
suse-su-2021:1948-1
Vulnerability from csaf_suse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for djvulibre", "title": "Title of the patch" }, { "category": "description", "text": "This update for djvulibre fixes the following issues:\n\n- CVE-2021-3500: Stack overflow in function DJVU:DjVuDocument:get_djvu_file() via crafted djvu file (bsc#1186253)\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-2021-1948,SUSE-SLE-Module-Desktop-Applications-15-SP2-2021-1948,SUSE-SLE-Module-Desktop-Applications-15-SP3-2021-1948,SUSE-SLE-Module-Packagehub-Subpackages-15-SP2-2021-1948,SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2021-1948", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_1948-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2021:1948-1", "url": "https://www.suse.com/support/update/announcement/2021/suse-su-20211948-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2021:1948-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/008988.html" }, { "category": "self", "summary": "SUSE Bug 1186253", "url": "https://bugzilla.suse.com/1186253" }, { "category": "self", "summary": "SUSE CVE CVE-2021-3500 page", "url": "https://www.suse.com/security/cve/CVE-2021-3500/" } ], "title": "Security update for djvulibre", "tracking": { "current_release_date": "2021-06-10T10:32:37Z", "generator": { "date": "2021-06-10T10:32:37Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2021:1948-1", "initial_release_date": "2021-06-10T10:32:37Z", "revision_history": [ { "date": "2021-06-10T10:32:37Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-11.6.1.aarch64", "product": { "name": "djvulibre-3.5.27-11.6.1.aarch64", "product_id": "djvulibre-3.5.27-11.6.1.aarch64" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-11.6.1.aarch64", "product": { "name": "libdjvulibre-devel-3.5.27-11.6.1.aarch64", "product_id": "libdjvulibre-devel-3.5.27-11.6.1.aarch64" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-11.6.1.aarch64", "product": { "name": "libdjvulibre21-3.5.27-11.6.1.aarch64", "product_id": "libdjvulibre21-3.5.27-11.6.1.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-11.6.1.i586", "product": { "name": "djvulibre-3.5.27-11.6.1.i586", "product_id": "djvulibre-3.5.27-11.6.1.i586" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-11.6.1.i586", "product": { "name": "libdjvulibre-devel-3.5.27-11.6.1.i586", "product_id": "libdjvulibre-devel-3.5.27-11.6.1.i586" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-11.6.1.i586", "product": { "name": "libdjvulibre21-3.5.27-11.6.1.i586", "product_id": "libdjvulibre21-3.5.27-11.6.1.i586" } } ], "category": "architecture", "name": "i586" }, { "branches": [ { "category": "product_version", "name": "djvulibre-doc-3.5.27-11.6.1.noarch", "product": { "name": "djvulibre-doc-3.5.27-11.6.1.noarch", "product_id": "djvulibre-doc-3.5.27-11.6.1.noarch" } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-11.6.1.ppc64le", "product": { "name": "djvulibre-3.5.27-11.6.1.ppc64le", "product_id": "djvulibre-3.5.27-11.6.1.ppc64le" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "product": { "name": "libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "product_id": "libdjvulibre-devel-3.5.27-11.6.1.ppc64le" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-11.6.1.ppc64le", "product": { "name": "libdjvulibre21-3.5.27-11.6.1.ppc64le", "product_id": "libdjvulibre21-3.5.27-11.6.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-11.6.1.s390x", "product": { "name": "djvulibre-3.5.27-11.6.1.s390x", "product_id": "djvulibre-3.5.27-11.6.1.s390x" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-11.6.1.s390x", "product": { "name": "libdjvulibre-devel-3.5.27-11.6.1.s390x", "product_id": "libdjvulibre-devel-3.5.27-11.6.1.s390x" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-11.6.1.s390x", "product": { "name": "libdjvulibre21-3.5.27-11.6.1.s390x", "product_id": "libdjvulibre21-3.5.27-11.6.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-11.6.1.x86_64", "product": { "name": "djvulibre-3.5.27-11.6.1.x86_64", "product_id": "djvulibre-3.5.27-11.6.1.x86_64" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-11.6.1.x86_64", "product": { "name": "libdjvulibre-devel-3.5.27-11.6.1.x86_64", "product_id": "libdjvulibre-devel-3.5.27-11.6.1.x86_64" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-11.6.1.x86_64", "product": { "name": "libdjvulibre21-3.5.27-11.6.1.x86_64", "product_id": "libdjvulibre21-3.5.27-11.6.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", "product": { "name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-module-desktop-applications:15:sp2" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3", "product": { "name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-module-desktop-applications:15:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Module for Package Hub 15 SP2", "product": { "name": "SUSE Linux Enterprise Module for Package Hub 15 SP2", "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP2", "product_identification_helper": { "cpe": "cpe:/o:suse:packagehub:15:sp2" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Module for Package Hub 15 SP3", "product": { "name": "SUSE Linux Enterprise Module for Package Hub 15 SP3", "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP3", "product_identification_helper": { "cpe": "cpe:/o:suse:packagehub:15:sp3" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-11.6.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.aarch64" }, "product_reference": "libdjvulibre-devel-3.5.27-11.6.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-11.6.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.ppc64le" }, "product_reference": "libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-11.6.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.s390x" }, "product_reference": "libdjvulibre-devel-3.5.27-11.6.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-11.6.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-11.6.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-11.6.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.aarch64" }, "product_reference": "libdjvulibre21-3.5.27-11.6.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-11.6.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.ppc64le" }, "product_reference": "libdjvulibre21-3.5.27-11.6.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-11.6.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.s390x" }, "product_reference": "libdjvulibre21-3.5.27-11.6.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-11.6.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-11.6.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-11.6.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.aarch64" }, "product_reference": "libdjvulibre-devel-3.5.27-11.6.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-11.6.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.ppc64le" }, "product_reference": "libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-11.6.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.s390x" }, "product_reference": "libdjvulibre-devel-3.5.27-11.6.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-11.6.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-11.6.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-11.6.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.aarch64" }, "product_reference": "libdjvulibre21-3.5.27-11.6.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-11.6.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.ppc64le" }, "product_reference": "libdjvulibre21-3.5.27-11.6.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-11.6.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.s390x" }, "product_reference": "libdjvulibre21-3.5.27-11.6.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-11.6.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3", "product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-11.6.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.27-11.6.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP2", "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.aarch64" }, "product_reference": "djvulibre-3.5.27-11.6.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.27-11.6.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP2", "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.ppc64le" }, "product_reference": "djvulibre-3.5.27-11.6.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.27-11.6.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP2", "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.s390x" }, "product_reference": "djvulibre-3.5.27-11.6.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.27-11.6.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP2", "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.x86_64" }, "product_reference": "djvulibre-3.5.27-11.6.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP2" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.27-11.6.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP3", "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.aarch64" }, "product_reference": "djvulibre-3.5.27-11.6.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.27-11.6.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP3", "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.ppc64le" }, "product_reference": "djvulibre-3.5.27-11.6.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.27-11.6.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP3", "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.s390x" }, "product_reference": "djvulibre-3.5.27-11.6.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.27-11.6.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP3", "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.x86_64" }, "product_reference": "djvulibre-3.5.27-11.6.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP3" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-3500", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2021-3500" } ], "notes": [ { "category": "general", "text": "A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2021-3500", "url": "https://www.suse.com/security/cve/CVE-2021-3500" }, { "category": "external", "summary": "SUSE Bug 1186253 for CVE-2021-3500", "url": "https://bugzilla.suse.com/1186253" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre-devel-3.5.27-11.6.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libdjvulibre21-3.5.27-11.6.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre-devel-3.5.27-11.6.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libdjvulibre21-3.5.27-11.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP2:djvulibre-3.5.27-11.6.1.x86_64", "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.aarch64", "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.ppc64le", "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.s390x", "SUSE Linux Enterprise Module for Package Hub 15 SP3:djvulibre-3.5.27-11.6.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2021-06-10T10:32:37Z", "details": "important" } ], "title": "CVE-2021-3500" } ] }
suse-su-2021:1857-1
Vulnerability from csaf_suse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for djvulibre", "title": "Title of the patch" }, { "category": "description", "text": "This update for djvulibre fixes the following issues:\n\n- CVE-2021-3500: Stack overflow in function DJVU:DjVuDocument:get_djvu_file() via crafted djvu file (bsc#1186253)\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-2021-1857,SUSE-SLE-Product-HPC-15-2021-1857,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-1857,SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-1857,SUSE-SLE-Product-SLES-15-2021-1857,SUSE-SLE-Product-SLES-15-SP1-BCL-2021-1857,SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-1857,SUSE-SLE-Product-SLES_SAP-15-2021-1857,SUSE-SLE-Product-SLES_SAP-15-SP1-2021-1857,SUSE-SLE-Product-SUSE-Manager-Proxy-4.0-2021-1857,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.0-2021-1857,SUSE-SLE-Product-SUSE-Manager-Server-4.0-2021-1857,SUSE-Storage-6-2021-1857", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_1857-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2021:1857-1", "url": "https://www.suse.com/support/update/announcement/2021/suse-su-20211857-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2021:1857-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/008932.html" }, { "category": "self", "summary": "SUSE Bug 1186253", "url": "https://bugzilla.suse.com/1186253" }, { "category": "self", "summary": "SUSE CVE CVE-2021-3500 page", "url": "https://www.suse.com/security/cve/CVE-2021-3500/" } ], "title": "Security update for djvulibre", "tracking": { "current_release_date": "2021-06-04T06:56:20Z", "generator": { "date": "2021-06-04T06:56:20Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2021:1857-1", "initial_release_date": "2021-06-04T06:56:20Z", "revision_history": [ { "date": "2021-06-04T06:56:20Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-3.14.1.aarch64", "product": { "name": "djvulibre-3.5.27-3.14.1.aarch64", "product_id": "djvulibre-3.5.27-3.14.1.aarch64" } }, { "category": "product_version", "name": "djvulibre-doc-3.5.27-3.14.1.aarch64", "product": { "name": "djvulibre-doc-3.5.27-3.14.1.aarch64", "product_id": "djvulibre-doc-3.5.27-3.14.1.aarch64" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-3.14.1.aarch64", "product": { "name": "libdjvulibre-devel-3.5.27-3.14.1.aarch64", "product_id": "libdjvulibre-devel-3.5.27-3.14.1.aarch64" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-3.14.1.aarch64", "product": { "name": "libdjvulibre21-3.5.27-3.14.1.aarch64", "product_id": "libdjvulibre21-3.5.27-3.14.1.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-3.14.1.i586", "product": { "name": "djvulibre-3.5.27-3.14.1.i586", "product_id": "djvulibre-3.5.27-3.14.1.i586" } }, { "category": "product_version", "name": "djvulibre-doc-3.5.27-3.14.1.i586", "product": { "name": "djvulibre-doc-3.5.27-3.14.1.i586", "product_id": "djvulibre-doc-3.5.27-3.14.1.i586" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-3.14.1.i586", "product": { "name": "libdjvulibre-devel-3.5.27-3.14.1.i586", "product_id": "libdjvulibre-devel-3.5.27-3.14.1.i586" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-3.14.1.i586", "product": { "name": "libdjvulibre21-3.5.27-3.14.1.i586", "product_id": "libdjvulibre21-3.5.27-3.14.1.i586" } } ], "category": "architecture", "name": "i586" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-3.14.1.ppc64le", "product": { "name": "djvulibre-3.5.27-3.14.1.ppc64le", "product_id": "djvulibre-3.5.27-3.14.1.ppc64le" } }, { "category": "product_version", "name": "djvulibre-doc-3.5.27-3.14.1.ppc64le", "product": { "name": "djvulibre-doc-3.5.27-3.14.1.ppc64le", "product_id": "djvulibre-doc-3.5.27-3.14.1.ppc64le" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "product": { "name": "libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "product_id": "libdjvulibre-devel-3.5.27-3.14.1.ppc64le" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-3.14.1.ppc64le", "product": { "name": "libdjvulibre21-3.5.27-3.14.1.ppc64le", "product_id": "libdjvulibre21-3.5.27-3.14.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-3.14.1.s390x", "product": { "name": "djvulibre-3.5.27-3.14.1.s390x", "product_id": "djvulibre-3.5.27-3.14.1.s390x" } }, { "category": "product_version", "name": "djvulibre-doc-3.5.27-3.14.1.s390x", "product": { "name": "djvulibre-doc-3.5.27-3.14.1.s390x", "product_id": "djvulibre-doc-3.5.27-3.14.1.s390x" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-3.14.1.s390x", "product": { "name": "libdjvulibre-devel-3.5.27-3.14.1.s390x", "product_id": "libdjvulibre-devel-3.5.27-3.14.1.s390x" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-3.14.1.s390x", "product": { "name": "libdjvulibre21-3.5.27-3.14.1.s390x", "product_id": "libdjvulibre21-3.5.27-3.14.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-3.14.1.x86_64", "product": { "name": "djvulibre-3.5.27-3.14.1.x86_64", "product_id": "djvulibre-3.5.27-3.14.1.x86_64" } }, { "category": "product_version", "name": "djvulibre-doc-3.5.27-3.14.1.x86_64", "product": { "name": "djvulibre-doc-3.5.27-3.14.1.x86_64", "product_id": "djvulibre-doc-3.5.27-3.14.1.x86_64" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-3.14.1.x86_64", "product": { "name": "libdjvulibre-devel-3.5.27-3.14.1.x86_64", "product_id": "libdjvulibre-devel-3.5.27-3.14.1.x86_64" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-3.14.1.x86_64", "product": { "name": "libdjvulibre21-3.5.27-3.14.1.x86_64", "product_id": "libdjvulibre21-3.5.27-3.14.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS", "product": { "name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS", "product_identification_helper": { "cpe": "cpe:/o:suse:sle_hpc-espos:15" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise High Performance Computing 15-LTSS", "product": { "name": "SUSE Linux Enterprise High Performance Computing 15-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sle_hpc-ltss:15" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS", "product": { "name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS", "product_identification_helper": { "cpe": "cpe:/o:suse:sle_hpc-espos:15:sp1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", "product": { "name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 15-LTSS", "product": { "name": "SUSE Linux Enterprise Server 15-LTSS", "product_id": "SUSE Linux Enterprise Server 15-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:15" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 15 SP1-BCL", "product": { "name": "SUSE Linux Enterprise Server 15 SP1-BCL", "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_bcl:15:sp1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 15 SP1-LTSS", "product": { "name": "SUSE Linux Enterprise Server 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:15:sp1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 15", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 15", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:15" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:15:sp1" } } }, { "category": "product_name", "name": "SUSE Manager Proxy 4.0", "product": { "name": "SUSE Manager Proxy 4.0", "product_id": "SUSE Manager Proxy 4.0", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-manager-proxy:4.0" } } }, { "category": "product_name", "name": "SUSE Manager Retail Branch Server 4.0", "product": { "name": "SUSE Manager Retail Branch Server 4.0", "product_id": "SUSE Manager Retail Branch Server 4.0", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.0" } } }, { "category": "product_name", "name": "SUSE Manager Server 4.0", "product": { "name": "SUSE Manager Server 4.0", "product_id": "SUSE Manager Server 4.0", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-manager-server:4.0" } } }, { "category": "product_name", "name": "SUSE Enterprise Storage 6", "product": { "name": "SUSE Enterprise Storage 6", "product_id": "SUSE Enterprise Storage 6", "product_identification_helper": { "cpe": "cpe:/o:suse:ses:6" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.aarch64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre21-3.5.27-3.14.1.aarch64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre21-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.aarch64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre21-3.5.27-3.14.1.aarch64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre21-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", "product_id": "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", "product_id": "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.ppc64le" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", "product_id": "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.s390x" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", "product_id": "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", "product_id": "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", "product_id": "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.ppc64le" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", "product_id": "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.s390x" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", "product_id": "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL", "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:libdjvulibre-devel-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL", "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:libdjvulibre21-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.ppc64le" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.s390x" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.aarch64", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.ppc64le" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.s390x" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre-devel-3.5.27-3.14.1.ppc64le" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre-devel-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre21-3.5.27-3.14.1.ppc64le" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre21-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre-devel-3.5.27-3.14.1.ppc64le" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre-devel-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre21-3.5.27-3.14.1.ppc64le" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.ppc64le", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre21-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.x86_64 as component of SUSE Manager Proxy 4.0", "product_id": "SUSE Manager Proxy 4.0:libdjvulibre-devel-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Manager Proxy 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.x86_64 as component of SUSE Manager Proxy 4.0", "product_id": "SUSE Manager Proxy 4.0:libdjvulibre21-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Manager Proxy 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.x86_64 as component of SUSE Manager Retail Branch Server 4.0", "product_id": "SUSE Manager Retail Branch Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Manager Retail Branch Server 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.x86_64 as component of SUSE Manager Retail Branch Server 4.0", "product_id": "SUSE Manager Retail Branch Server 4.0:libdjvulibre21-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Manager Retail Branch Server 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.ppc64le as component of SUSE Manager Server 4.0", "product_id": "SUSE Manager Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.ppc64le" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "relates_to_product_reference": "SUSE Manager Server 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.s390x as component of SUSE Manager Server 4.0", "product_id": "SUSE Manager Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.s390x" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.s390x", "relates_to_product_reference": "SUSE Manager Server 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.x86_64 as component of SUSE Manager Server 4.0", "product_id": "SUSE Manager Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Manager Server 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.ppc64le as component of SUSE Manager Server 4.0", "product_id": "SUSE Manager Server 4.0:libdjvulibre21-3.5.27-3.14.1.ppc64le" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.ppc64le", "relates_to_product_reference": "SUSE Manager Server 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.s390x as component of SUSE Manager Server 4.0", "product_id": "SUSE Manager Server 4.0:libdjvulibre21-3.5.27-3.14.1.s390x" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.s390x", "relates_to_product_reference": "SUSE Manager Server 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.x86_64 as component of SUSE Manager Server 4.0", "product_id": "SUSE Manager Server 4.0:libdjvulibre21-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Manager Server 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.aarch64 as component of SUSE Enterprise Storage 6", "product_id": "SUSE Enterprise Storage 6:libdjvulibre-devel-3.5.27-3.14.1.aarch64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.aarch64", "relates_to_product_reference": "SUSE Enterprise Storage 6" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-3.14.1.x86_64 as component of SUSE Enterprise Storage 6", "product_id": "SUSE Enterprise Storage 6:libdjvulibre-devel-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Enterprise Storage 6" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.aarch64 as component of SUSE Enterprise Storage 6", "product_id": "SUSE Enterprise Storage 6:libdjvulibre21-3.5.27-3.14.1.aarch64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.aarch64", "relates_to_product_reference": "SUSE Enterprise Storage 6" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-3.14.1.x86_64 as component of SUSE Enterprise Storage 6", "product_id": "SUSE Enterprise Storage 6:libdjvulibre21-3.5.27-3.14.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-3.14.1.x86_64", "relates_to_product_reference": "SUSE Enterprise Storage 6" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-3500", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2021-3500" } ], "notes": [ { "category": "general", "text": "A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Enterprise Storage 6:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Enterprise Storage 6:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Enterprise Storage 6:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Enterprise Storage 6:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre21-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre21-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Manager Proxy 4.0:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Manager Proxy 4.0:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Manager Retail Branch Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Manager Retail Branch Server 4.0:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Manager Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "SUSE Manager Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.s390x", "SUSE Manager Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Manager Server 4.0:libdjvulibre21-3.5.27-3.14.1.ppc64le", "SUSE Manager Server 4.0:libdjvulibre21-3.5.27-3.14.1.s390x", "SUSE Manager Server 4.0:libdjvulibre21-3.5.27-3.14.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2021-3500", "url": "https://www.suse.com/security/cve/CVE-2021-3500" }, { "category": "external", "summary": "SUSE Bug 1186253 for CVE-2021-3500", "url": "https://bugzilla.suse.com/1186253" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Enterprise Storage 6:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Enterprise Storage 6:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Enterprise Storage 6:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Enterprise Storage 6:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre21-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre21-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Manager Proxy 4.0:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Manager Proxy 4.0:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Manager Retail Branch Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Manager Retail Branch Server 4.0:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Manager Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "SUSE Manager Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.s390x", "SUSE Manager Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Manager Server 4.0:libdjvulibre21-3.5.27-3.14.1.ppc64le", "SUSE Manager Server 4.0:libdjvulibre21-3.5.27-3.14.1.s390x", "SUSE Manager Server 4.0:libdjvulibre21-3.5.27-3.14.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "SUSE Enterprise Storage 6:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Enterprise Storage 6:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Enterprise Storage 6:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Enterprise Storage 6:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre21-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre21-3.5.27-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Manager Proxy 4.0:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Manager Proxy 4.0:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Manager Retail Branch Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Manager Retail Branch Server 4.0:libdjvulibre21-3.5.27-3.14.1.x86_64", "SUSE Manager Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.ppc64le", "SUSE Manager Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.s390x", "SUSE Manager Server 4.0:libdjvulibre-devel-3.5.27-3.14.1.x86_64", "SUSE Manager Server 4.0:libdjvulibre21-3.5.27-3.14.1.ppc64le", "SUSE Manager Server 4.0:libdjvulibre21-3.5.27-3.14.1.s390x", "SUSE Manager Server 4.0:libdjvulibre21-3.5.27-3.14.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2021-06-04T06:56:20Z", "details": "important" } ], "title": "CVE-2021-3500" } ] }
opensuse-su-2021:1948-1
Vulnerability from csaf_opensuse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for djvulibre", "title": "Title of the patch" }, { "category": "description", "text": "This update for djvulibre fixes the following issues:\n\n- CVE-2021-3500: Stack overflow in function DJVU:DjVuDocument:get_djvu_file() via crafted djvu file (bsc#1186253)\n", "title": "Description of the patch" }, { "category": "details", "text": "openSUSE-SLE-15.3-2021-1948", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_1948-1.json" }, { "category": "self", "summary": "URL for openSUSE-SU-2021:1948-1", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/N4FJJNOEZPW7IPJGLCW6LJNTZX7JZBBT/" }, { "category": "self", "summary": "E-Mail link for openSUSE-SU-2021:1948-1", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/N4FJJNOEZPW7IPJGLCW6LJNTZX7JZBBT/" }, { "category": "self", "summary": "SUSE Bug 1186253", "url": "https://bugzilla.suse.com/1186253" }, { "category": "self", "summary": "SUSE CVE CVE-2021-3500 page", "url": "https://www.suse.com/security/cve/CVE-2021-3500/" } ], "title": "Security update for djvulibre", "tracking": { "current_release_date": "2021-07-11T06:26:01Z", "generator": { "date": "2021-07-11T06:26:01Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "openSUSE-SU-2021:1948-1", "initial_release_date": "2021-07-11T06:26:01Z", "revision_history": [ { "date": "2021-07-11T06:26:01Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-11.6.1.aarch64", "product": { "name": "djvulibre-3.5.27-11.6.1.aarch64", "product_id": "djvulibre-3.5.27-11.6.1.aarch64" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-11.6.1.aarch64", "product": { "name": "libdjvulibre-devel-3.5.27-11.6.1.aarch64", "product_id": "libdjvulibre-devel-3.5.27-11.6.1.aarch64" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-11.6.1.aarch64", "product": { "name": "libdjvulibre21-3.5.27-11.6.1.aarch64", "product_id": "libdjvulibre21-3.5.27-11.6.1.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "djvulibre-doc-3.5.27-11.6.1.noarch", "product": { "name": "djvulibre-doc-3.5.27-11.6.1.noarch", "product_id": "djvulibre-doc-3.5.27-11.6.1.noarch" } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-11.6.1.ppc64le", "product": { "name": "djvulibre-3.5.27-11.6.1.ppc64le", "product_id": "djvulibre-3.5.27-11.6.1.ppc64le" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "product": { "name": "libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "product_id": "libdjvulibre-devel-3.5.27-11.6.1.ppc64le" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-11.6.1.ppc64le", "product": { "name": "libdjvulibre21-3.5.27-11.6.1.ppc64le", "product_id": "libdjvulibre21-3.5.27-11.6.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-11.6.1.s390x", "product": { "name": "djvulibre-3.5.27-11.6.1.s390x", "product_id": "djvulibre-3.5.27-11.6.1.s390x" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-11.6.1.s390x", "product": { "name": "libdjvulibre-devel-3.5.27-11.6.1.s390x", "product_id": "libdjvulibre-devel-3.5.27-11.6.1.s390x" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-11.6.1.s390x", "product": { "name": "libdjvulibre21-3.5.27-11.6.1.s390x", "product_id": "libdjvulibre21-3.5.27-11.6.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-11.6.1.x86_64", "product": { "name": "djvulibre-3.5.27-11.6.1.x86_64", "product_id": "djvulibre-3.5.27-11.6.1.x86_64" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-11.6.1.x86_64", "product": { "name": "libdjvulibre-devel-3.5.27-11.6.1.x86_64", "product_id": "libdjvulibre-devel-3.5.27-11.6.1.x86_64" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-11.6.1.x86_64", "product": { "name": "libdjvulibre21-3.5.27-11.6.1.x86_64", "product_id": "libdjvulibre21-3.5.27-11.6.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "openSUSE Leap 15.3", "product": { "name": "openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3", "product_identification_helper": { "cpe": "cpe:/o:opensuse:leap:15.3" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.27-11.6.1.aarch64 as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.aarch64" }, "product_reference": "djvulibre-3.5.27-11.6.1.aarch64", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.27-11.6.1.ppc64le as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.ppc64le" }, "product_reference": "djvulibre-3.5.27-11.6.1.ppc64le", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.27-11.6.1.s390x as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.s390x" }, "product_reference": "djvulibre-3.5.27-11.6.1.s390x", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.27-11.6.1.x86_64 as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.x86_64" }, "product_reference": "djvulibre-3.5.27-11.6.1.x86_64", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-doc-3.5.27-11.6.1.noarch as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:djvulibre-doc-3.5.27-11.6.1.noarch" }, "product_reference": "djvulibre-doc-3.5.27-11.6.1.noarch", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-11.6.1.aarch64 as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.aarch64" }, "product_reference": "libdjvulibre-devel-3.5.27-11.6.1.aarch64", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-11.6.1.ppc64le as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.ppc64le" }, "product_reference": "libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-11.6.1.s390x as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.s390x" }, "product_reference": "libdjvulibre-devel-3.5.27-11.6.1.s390x", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-11.6.1.x86_64 as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-11.6.1.x86_64", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-11.6.1.aarch64 as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.aarch64" }, "product_reference": "libdjvulibre21-3.5.27-11.6.1.aarch64", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-11.6.1.ppc64le as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.ppc64le" }, "product_reference": "libdjvulibre21-3.5.27-11.6.1.ppc64le", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-11.6.1.s390x as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.s390x" }, "product_reference": "libdjvulibre21-3.5.27-11.6.1.s390x", "relates_to_product_reference": "openSUSE Leap 15.3" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-11.6.1.x86_64 as component of openSUSE Leap 15.3", "product_id": "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-11.6.1.x86_64", "relates_to_product_reference": "openSUSE Leap 15.3" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-3500", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2021-3500" } ], "notes": [ { "category": "general", "text": "A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.aarch64", "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.ppc64le", "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.s390x", "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.x86_64", "openSUSE Leap 15.3:djvulibre-doc-3.5.27-11.6.1.noarch", "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.aarch64", "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.s390x", "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.x86_64", "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.aarch64", "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.ppc64le", "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.s390x", "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2021-3500", "url": "https://www.suse.com/security/cve/CVE-2021-3500" }, { "category": "external", "summary": "SUSE Bug 1186253 for CVE-2021-3500", "url": "https://bugzilla.suse.com/1186253" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.aarch64", "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.ppc64le", "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.s390x", "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.x86_64", "openSUSE Leap 15.3:djvulibre-doc-3.5.27-11.6.1.noarch", "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.aarch64", "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.s390x", "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.x86_64", "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.aarch64", "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.ppc64le", "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.s390x", "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.aarch64", "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.ppc64le", "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.s390x", "openSUSE Leap 15.3:djvulibre-3.5.27-11.6.1.x86_64", "openSUSE Leap 15.3:djvulibre-doc-3.5.27-11.6.1.noarch", "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.aarch64", "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.ppc64le", "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.s390x", "openSUSE Leap 15.3:libdjvulibre-devel-3.5.27-11.6.1.x86_64", "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.aarch64", "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.ppc64le", "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.s390x", "openSUSE Leap 15.3:libdjvulibre21-3.5.27-11.6.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2021-07-11T06:26:01Z", "details": "important" } ], "title": "CVE-2021-3500" } ] }
opensuse-su-2024:10719-1
Vulnerability from csaf_opensuse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "djvulibre-3.5.28-3.2 on GA media", "title": "Title of the patch" }, { "category": "description", "text": "These are all security issues fixed in the djvulibre-3.5.28-3.2 package on the GA media of openSUSE Tumbleweed.", "title": "Description of the patch" }, { "category": "details", "text": "openSUSE-Tumbleweed-2024-10719", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10719-1.json" }, { "category": "self", "summary": "SUSE CVE CVE-2019-15142 page", "url": "https://www.suse.com/security/cve/CVE-2019-15142/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-15143 page", "url": "https://www.suse.com/security/cve/CVE-2019-15143/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-15144 page", "url": "https://www.suse.com/security/cve/CVE-2019-15144/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-15145 page", "url": "https://www.suse.com/security/cve/CVE-2019-15145/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-18804 page", "url": "https://www.suse.com/security/cve/CVE-2019-18804/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-32490 page", "url": "https://www.suse.com/security/cve/CVE-2021-32490/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-32491 page", "url": "https://www.suse.com/security/cve/CVE-2021-32491/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-32492 page", "url": "https://www.suse.com/security/cve/CVE-2021-32492/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-32493 page", "url": "https://www.suse.com/security/cve/CVE-2021-32493/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-3500 page", "url": "https://www.suse.com/security/cve/CVE-2021-3500/" } ], "title": "djvulibre-3.5.28-3.2 on GA media", "tracking": { "current_release_date": "2024-06-15T00:00:00Z", "generator": { "date": "2024-06-15T00:00:00Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "openSUSE-SU-2024:10719-1", "initial_release_date": "2024-06-15T00:00:00Z", "revision_history": [ { "date": "2024-06-15T00:00:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.28-3.2.aarch64", "product": { "name": "djvulibre-3.5.28-3.2.aarch64", "product_id": "djvulibre-3.5.28-3.2.aarch64" } }, { "category": "product_version", "name": "djvulibre-doc-3.5.28-3.2.aarch64", "product": { "name": "djvulibre-doc-3.5.28-3.2.aarch64", "product_id": "djvulibre-doc-3.5.28-3.2.aarch64" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.28-3.2.aarch64", "product": { "name": "libdjvulibre-devel-3.5.28-3.2.aarch64", "product_id": "libdjvulibre-devel-3.5.28-3.2.aarch64" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.28-3.2.aarch64", "product": { "name": "libdjvulibre21-3.5.28-3.2.aarch64", "product_id": "libdjvulibre21-3.5.28-3.2.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.28-3.2.ppc64le", "product": { "name": "djvulibre-3.5.28-3.2.ppc64le", "product_id": "djvulibre-3.5.28-3.2.ppc64le" } }, { "category": "product_version", "name": "djvulibre-doc-3.5.28-3.2.ppc64le", "product": { "name": "djvulibre-doc-3.5.28-3.2.ppc64le", "product_id": "djvulibre-doc-3.5.28-3.2.ppc64le" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.28-3.2.ppc64le", "product": { "name": "libdjvulibre-devel-3.5.28-3.2.ppc64le", "product_id": "libdjvulibre-devel-3.5.28-3.2.ppc64le" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.28-3.2.ppc64le", "product": { "name": "libdjvulibre21-3.5.28-3.2.ppc64le", "product_id": "libdjvulibre21-3.5.28-3.2.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.28-3.2.s390x", "product": { "name": "djvulibre-3.5.28-3.2.s390x", "product_id": "djvulibre-3.5.28-3.2.s390x" } }, { "category": "product_version", "name": "djvulibre-doc-3.5.28-3.2.s390x", "product": { "name": "djvulibre-doc-3.5.28-3.2.s390x", "product_id": "djvulibre-doc-3.5.28-3.2.s390x" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.28-3.2.s390x", "product": { "name": "libdjvulibre-devel-3.5.28-3.2.s390x", "product_id": "libdjvulibre-devel-3.5.28-3.2.s390x" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.28-3.2.s390x", "product": { "name": "libdjvulibre21-3.5.28-3.2.s390x", "product_id": "libdjvulibre21-3.5.28-3.2.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.28-3.2.x86_64", "product": { "name": "djvulibre-3.5.28-3.2.x86_64", "product_id": "djvulibre-3.5.28-3.2.x86_64" } }, { "category": "product_version", "name": "djvulibre-doc-3.5.28-3.2.x86_64", "product": { "name": "djvulibre-doc-3.5.28-3.2.x86_64", "product_id": "djvulibre-doc-3.5.28-3.2.x86_64" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.28-3.2.x86_64", "product": { "name": "libdjvulibre-devel-3.5.28-3.2.x86_64", "product_id": "libdjvulibre-devel-3.5.28-3.2.x86_64" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.28-3.2.x86_64", "product": { "name": "libdjvulibre21-3.5.28-3.2.x86_64", "product_id": "libdjvulibre21-3.5.28-3.2.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "openSUSE Tumbleweed", "product": { "name": "openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed", "product_identification_helper": { "cpe": "cpe:/o:opensuse:tumbleweed" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.28-3.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64" }, "product_reference": "djvulibre-3.5.28-3.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.28-3.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le" }, "product_reference": "djvulibre-3.5.28-3.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.28-3.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x" }, "product_reference": "djvulibre-3.5.28-3.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.28-3.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64" }, "product_reference": "djvulibre-3.5.28-3.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-doc-3.5.28-3.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64" }, "product_reference": "djvulibre-doc-3.5.28-3.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-doc-3.5.28-3.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le" }, "product_reference": "djvulibre-doc-3.5.28-3.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-doc-3.5.28-3.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x" }, "product_reference": "djvulibre-doc-3.5.28-3.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-doc-3.5.28-3.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64" }, "product_reference": "djvulibre-doc-3.5.28-3.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.28-3.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64" }, "product_reference": "libdjvulibre-devel-3.5.28-3.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.28-3.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le" }, "product_reference": "libdjvulibre-devel-3.5.28-3.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.28-3.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x" }, "product_reference": "libdjvulibre-devel-3.5.28-3.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.28-3.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.28-3.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.28-3.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64" }, "product_reference": "libdjvulibre21-3.5.28-3.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.28-3.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le" }, "product_reference": "libdjvulibre21-3.5.28-3.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.28-3.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x" }, "product_reference": "libdjvulibre21-3.5.28-3.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.28-3.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" }, "product_reference": "libdjvulibre21-3.5.28-3.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-15142", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-15142" } ], "notes": [ { "category": "general", "text": "In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-15142", "url": "https://www.suse.com/security/cve/CVE-2019-15142" }, { "category": "external", "summary": "SUSE Bug 1146702 for CVE-2019-15142", "url": "https://bugzilla.suse.com/1146702" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2019-15142" }, { "cve": "CVE-2019-15143", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-15143" } ], "notes": [ { "category": "general", "text": "In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-15143", "url": "https://www.suse.com/security/cve/CVE-2019-15143" }, { "category": "external", "summary": "SUSE Bug 1146569 for CVE-2019-15143", "url": "https://bugzilla.suse.com/1146569" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2019-15143" }, { "cve": "CVE-2019-15144", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-15144" } ], "notes": [ { "category": "general", "text": "In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate\u003cTYPE\u003e::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-15144", "url": "https://www.suse.com/security/cve/CVE-2019-15144" }, { "category": "external", "summary": "SUSE Bug 1146571 for CVE-2019-15144", "url": "https://bugzilla.suse.com/1146571" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2019-15144" }, { "cve": "CVE-2019-15145", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-15145" } ], "notes": [ { "category": "general", "text": "DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-15145", "url": "https://www.suse.com/security/cve/CVE-2019-15145" }, { "category": "external", "summary": "SUSE Bug 1146572 for CVE-2019-15145", "url": "https://bugzilla.suse.com/1146572" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2019-15145" }, { "cve": "CVE-2019-18804", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-18804" } ], "notes": [ { "category": "general", "text": "DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-18804", "url": "https://www.suse.com/security/cve/CVE-2019-18804" }, { "category": "external", "summary": "SUSE Bug 1156188 for CVE-2019-18804", "url": "https://bugzilla.suse.com/1156188" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "low" } ], "title": "CVE-2019-18804" }, { "cve": "CVE-2021-32490", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2021-32490" } ], "notes": [ { "category": "general", "text": "A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filter_bv() via crafted djvu file may lead to application crash and other consequences.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2021-32490", "url": "https://www.suse.com/security/cve/CVE-2021-32490" }, { "category": "external", "summary": "SUSE Bug 1185895 for CVE-2021-32490", "url": "https://bugzilla.suse.com/1185895" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "important" } ], "title": "CVE-2021-32490" }, { "cve": "CVE-2021-32491", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2021-32491" } ], "notes": [ { "category": "general", "text": "A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow in function render() in tools/ddjvu via crafted djvu file may lead to application crash and other consequences.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2021-32491", "url": "https://www.suse.com/security/cve/CVE-2021-32491" }, { "category": "external", "summary": "SUSE Bug 1185900 for CVE-2021-32491", "url": "https://bugzilla.suse.com/1185900" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "important" } ], "title": "CVE-2021-32491" }, { "cve": "CVE-2021-32492", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2021-32492" } ], "notes": [ { "category": "general", "text": "A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds read in function DJVU::DataPool::has_data() via crafted djvu file may lead to application crash and other consequences.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2021-32492", "url": "https://www.suse.com/security/cve/CVE-2021-32492" }, { "category": "external", "summary": "SUSE Bug 1185904 for CVE-2021-32492", "url": "https://bugzilla.suse.com/1185904" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "important" } ], "title": "CVE-2021-32492" }, { "cve": "CVE-2021-32493", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2021-32493" } ], "notes": [ { "category": "general", "text": "A flaw was found in djvulibre-3.5.28 and earlier. A heap buffer overflow in function DJVU::GBitmap::decode() via crafted djvu file may lead to application crash and other consequences.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2021-32493", "url": "https://www.suse.com/security/cve/CVE-2021-32493" }, { "category": "external", "summary": "SUSE Bug 1185905 for CVE-2021-32493", "url": "https://bugzilla.suse.com/1185905" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "important" } ], "title": "CVE-2021-32493" }, { "cve": "CVE-2021-3500", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2021-3500" } ], "notes": [ { "category": "general", "text": "A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2021-3500", "url": "https://www.suse.com/security/cve/CVE-2021-3500" }, { "category": "external", "summary": "SUSE Bug 1186253 for CVE-2021-3500", "url": "https://bugzilla.suse.com/1186253" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.s390x", "openSUSE Tumbleweed:djvulibre-doc-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre-devel-3.5.28-3.2.x86_64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.aarch64", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.ppc64le", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.s390x", "openSUSE Tumbleweed:libdjvulibre21-3.5.28-3.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "important" } ], "title": "CVE-2021-3500" } ] }
opensuse-su-2021:0877-1
Vulnerability from csaf_opensuse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for djvulibre", "title": "Title of the patch" }, { "category": "description", "text": "This update for djvulibre fixes the following issues:\n\n- CVE-2021-3500: Stack overflow in function DJVU:DjVuDocument:get_djvu_file() via crafted djvu file (bsc#1186253)\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.", "title": "Description of the patch" }, { "category": "details", "text": "openSUSE-2021-877", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0877-1.json" }, { "category": "self", "summary": "URL for openSUSE-SU-2021:0877-1", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6A76FJWCYCAB3L3OPKMXF4E37JBFGCKH/" }, { "category": "self", "summary": "E-Mail link for openSUSE-SU-2021:0877-1", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6A76FJWCYCAB3L3OPKMXF4E37JBFGCKH/" }, { "category": "self", "summary": "SUSE Bug 1186253", "url": "https://bugzilla.suse.com/1186253" }, { "category": "self", "summary": "SUSE CVE CVE-2021-3500 page", "url": "https://www.suse.com/security/cve/CVE-2021-3500/" } ], "title": "Security update for djvulibre", "tracking": { "current_release_date": "2021-06-16T13:54:07Z", "generator": { "date": "2021-06-16T13:54:07Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "openSUSE-SU-2021:0877-1", "initial_release_date": "2021-06-16T13:54:07Z", "revision_history": [ { "date": "2021-06-16T13:54:07Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-lp152.7.6.1.i586", "product": { "name": "djvulibre-3.5.27-lp152.7.6.1.i586", "product_id": "djvulibre-3.5.27-lp152.7.6.1.i586" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-lp152.7.6.1.i586", "product": { "name": "libdjvulibre-devel-3.5.27-lp152.7.6.1.i586", "product_id": "libdjvulibre-devel-3.5.27-lp152.7.6.1.i586" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-lp152.7.6.1.i586", "product": { "name": "libdjvulibre21-3.5.27-lp152.7.6.1.i586", "product_id": "libdjvulibre21-3.5.27-lp152.7.6.1.i586" } } ], "category": "architecture", "name": "i586" }, { "branches": [ { "category": "product_version", "name": "djvulibre-doc-3.5.27-lp152.7.6.1.noarch", "product": { "name": "djvulibre-doc-3.5.27-lp152.7.6.1.noarch", "product_id": "djvulibre-doc-3.5.27-lp152.7.6.1.noarch" } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "djvulibre-3.5.27-lp152.7.6.1.x86_64", "product": { "name": "djvulibre-3.5.27-lp152.7.6.1.x86_64", "product_id": "djvulibre-3.5.27-lp152.7.6.1.x86_64" } }, { "category": "product_version", "name": "libdjvulibre-devel-3.5.27-lp152.7.6.1.x86_64", "product": { "name": "libdjvulibre-devel-3.5.27-lp152.7.6.1.x86_64", "product_id": "libdjvulibre-devel-3.5.27-lp152.7.6.1.x86_64" } }, { "category": "product_version", "name": "libdjvulibre21-3.5.27-lp152.7.6.1.x86_64", "product": { "name": "libdjvulibre21-3.5.27-lp152.7.6.1.x86_64", "product_id": "libdjvulibre21-3.5.27-lp152.7.6.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "openSUSE Leap 15.2", "product": { "name": "openSUSE Leap 15.2", "product_id": "openSUSE Leap 15.2", "product_identification_helper": { "cpe": "cpe:/o:opensuse:leap:15.2" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.27-lp152.7.6.1.i586 as component of openSUSE Leap 15.2", "product_id": "openSUSE Leap 15.2:djvulibre-3.5.27-lp152.7.6.1.i586" }, "product_reference": "djvulibre-3.5.27-lp152.7.6.1.i586", "relates_to_product_reference": "openSUSE Leap 15.2" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-3.5.27-lp152.7.6.1.x86_64 as component of openSUSE Leap 15.2", "product_id": "openSUSE Leap 15.2:djvulibre-3.5.27-lp152.7.6.1.x86_64" }, "product_reference": "djvulibre-3.5.27-lp152.7.6.1.x86_64", "relates_to_product_reference": "openSUSE Leap 15.2" }, { "category": "default_component_of", "full_product_name": { "name": "djvulibre-doc-3.5.27-lp152.7.6.1.noarch as component of openSUSE Leap 15.2", "product_id": "openSUSE Leap 15.2:djvulibre-doc-3.5.27-lp152.7.6.1.noarch" }, "product_reference": "djvulibre-doc-3.5.27-lp152.7.6.1.noarch", "relates_to_product_reference": "openSUSE Leap 15.2" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-lp152.7.6.1.i586 as component of openSUSE Leap 15.2", "product_id": "openSUSE Leap 15.2:libdjvulibre-devel-3.5.27-lp152.7.6.1.i586" }, "product_reference": "libdjvulibre-devel-3.5.27-lp152.7.6.1.i586", "relates_to_product_reference": "openSUSE Leap 15.2" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre-devel-3.5.27-lp152.7.6.1.x86_64 as component of openSUSE Leap 15.2", "product_id": "openSUSE Leap 15.2:libdjvulibre-devel-3.5.27-lp152.7.6.1.x86_64" }, "product_reference": "libdjvulibre-devel-3.5.27-lp152.7.6.1.x86_64", "relates_to_product_reference": "openSUSE Leap 15.2" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-lp152.7.6.1.i586 as component of openSUSE Leap 15.2", "product_id": "openSUSE Leap 15.2:libdjvulibre21-3.5.27-lp152.7.6.1.i586" }, "product_reference": "libdjvulibre21-3.5.27-lp152.7.6.1.i586", "relates_to_product_reference": "openSUSE Leap 15.2" }, { "category": "default_component_of", "full_product_name": { "name": "libdjvulibre21-3.5.27-lp152.7.6.1.x86_64 as component of openSUSE Leap 15.2", "product_id": "openSUSE Leap 15.2:libdjvulibre21-3.5.27-lp152.7.6.1.x86_64" }, "product_reference": "libdjvulibre21-3.5.27-lp152.7.6.1.x86_64", "relates_to_product_reference": "openSUSE Leap 15.2" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-3500", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2021-3500" } ], "notes": [ { "category": "general", "text": "A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Leap 15.2:djvulibre-3.5.27-lp152.7.6.1.i586", "openSUSE Leap 15.2:djvulibre-3.5.27-lp152.7.6.1.x86_64", "openSUSE Leap 15.2:djvulibre-doc-3.5.27-lp152.7.6.1.noarch", "openSUSE Leap 15.2:libdjvulibre-devel-3.5.27-lp152.7.6.1.i586", "openSUSE Leap 15.2:libdjvulibre-devel-3.5.27-lp152.7.6.1.x86_64", "openSUSE Leap 15.2:libdjvulibre21-3.5.27-lp152.7.6.1.i586", "openSUSE Leap 15.2:libdjvulibre21-3.5.27-lp152.7.6.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2021-3500", "url": "https://www.suse.com/security/cve/CVE-2021-3500" }, { "category": "external", "summary": "SUSE Bug 1186253 for CVE-2021-3500", "url": "https://bugzilla.suse.com/1186253" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Leap 15.2:djvulibre-3.5.27-lp152.7.6.1.i586", "openSUSE Leap 15.2:djvulibre-3.5.27-lp152.7.6.1.x86_64", "openSUSE Leap 15.2:djvulibre-doc-3.5.27-lp152.7.6.1.noarch", "openSUSE Leap 15.2:libdjvulibre-devel-3.5.27-lp152.7.6.1.i586", "openSUSE Leap 15.2:libdjvulibre-devel-3.5.27-lp152.7.6.1.x86_64", "openSUSE Leap 15.2:libdjvulibre21-3.5.27-lp152.7.6.1.i586", "openSUSE Leap 15.2:libdjvulibre21-3.5.27-lp152.7.6.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "openSUSE Leap 15.2:djvulibre-3.5.27-lp152.7.6.1.i586", "openSUSE Leap 15.2:djvulibre-3.5.27-lp152.7.6.1.x86_64", "openSUSE Leap 15.2:djvulibre-doc-3.5.27-lp152.7.6.1.noarch", "openSUSE Leap 15.2:libdjvulibre-devel-3.5.27-lp152.7.6.1.i586", "openSUSE Leap 15.2:libdjvulibre-devel-3.5.27-lp152.7.6.1.x86_64", "openSUSE Leap 15.2:libdjvulibre21-3.5.27-lp152.7.6.1.i586", "openSUSE Leap 15.2:libdjvulibre21-3.5.27-lp152.7.6.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2021-06-16T13:54:07Z", "details": "important" } ], "title": "CVE-2021-3500" } ] }
fkie_cve-2021-3500
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1943685 | Issue Tracking, Third Party Advisory | |
secalert@redhat.com | https://www.debian.org/security/2021/dsa-5032 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1943685 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-5032 | Third Party Advisory |
Vendor | Product | Version | |
---|---|---|---|
djvulibre_project | djvulibre | * | |
debian | debian_linux | 10.0 | |
debian | debian_linux | 11.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:djvulibre_project:djvulibre:*:*:*:*:*:*:*:*", "matchCriteriaId": "823F45A3-A9F2-4E3B-9314-C452AC287E97", "versionEndIncluding": "3.5.28", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences." }, { "lang": "es", "value": "Se encontr\u00f3 un fallo en djvulibre versiones 3.5.28 y anteriores. Un desbordamiento de pila en la funci\u00f3n DJVU::DjVuDocument::get_djvu_file() por medio de un archivo djvu dise\u00f1ado puede conllevar al bloqueo de la aplicaci\u00f3n y otras consecuencias" } ], "id": "CVE-2021-3500", "lastModified": "2024-11-21T06:21:41.537", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-06-24T19:15:09.140", "references": [ { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943685" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-5032" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943685" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-5032" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "secalert@redhat.com", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Secondary" } ] }
gsd-2021-3500
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2021-3500", "description": "A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.", "id": "GSD-2021-3500", "references": [ "https://www.suse.com/security/cve/CVE-2021-3500.html", "https://www.debian.org/security/2021/dsa-5032", "https://ubuntu.com/security/CVE-2021-3500", "https://advisories.mageia.org/CVE-2021-3500.html", "https://security.archlinux.org/CVE-2021-3500" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2021-3500" ], "details": "A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.", "id": "GSD-2021-3500", "modified": "2023-12-13T01:23:34.097634Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-3500", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "djvulibre", "version": { "version_data": [ { "version_affected": "=", "version_value": "djvulibre-3.5.28 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "cweId": "CWE-787", "lang": "eng", "value": "CWE-787" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1943685", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943685" }, { "name": "https://www.debian.org/security/2021/dsa-5032", "refsource": "MISC", "url": "https://www.debian.org/security/2021/dsa-5032" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:djvulibre_project:djvulibre:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.5.28", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-3500" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-787" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1943685", "refsource": "MISC", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943685" }, { "name": "DSA-5032", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-5032" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9 } }, "lastModifiedDate": "2022-03-09T21:41Z", "publishedDate": "2021-06-24T19:15Z" } } }
cnvd-2021-71938
Vulnerability from cnvd
Title: DjVuLibre拒绝服务漏洞
Description:
DjVuLibre是一款DjVu(计算机文件格式)的开源实现,它包括DjVu文件查看器、浏览器插件、DjVu文件解码/编码器和其它实用程序。
DjVuLibre存在拒绝服务漏洞,攻击者可利用该漏洞导致应用程序崩溃。
Severity: 中
Patch Name: DjVuLibre拒绝服务漏洞的补丁
Patch Description:
DjVuLibre是一款DjVu(计算机文件格式)的开源实现,它包括DjVu文件查看器、浏览器插件、DjVu文件解码/编码器和其它实用程序。
DjVuLibre存在拒绝服务漏洞,攻击者可利用该漏洞导致应用程序崩溃。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description:
厂商已发布了漏洞修复程序,请及时关注更新: https://bugzilla.redhat.com/show_bug.cgi?id=1943685
Reference: https://vigilance.fr/vulnerability/DjVuLibre-buffer-overflow-via-DjVuDocument-get-djvu-file-35272
Name | DjVuLibre DjVuLibre <=3.5.28 |
---|
{ "cves": { "cve": { "cveNumber": "CVE-2021-3500" } }, "description": "DjVuLibre\u662f\u4e00\u6b3eDjVu\uff08\u8ba1\u7b97\u673a\u6587\u4ef6\u683c\u5f0f\uff09\u7684\u5f00\u6e90\u5b9e\u73b0\uff0c\u5b83\u5305\u62ecDjVu\u6587\u4ef6\u67e5\u770b\u5668\u3001\u6d4f\u89c8\u5668\u63d2\u4ef6\u3001DjVu\u6587\u4ef6\u89e3\u7801/\u7f16\u7801\u5668\u548c\u5176\u5b83\u5b9e\u7528\u7a0b\u5e8f\u3002\n\nDjVuLibre\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u3002", "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1943685", "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e", "number": "CNVD-2021-71938", "openTime": "2021-09-18", "patchDescription": "DjVuLibre\u662f\u4e00\u6b3eDjVu\uff08\u8ba1\u7b97\u673a\u6587\u4ef6\u683c\u5f0f\uff09\u7684\u5f00\u6e90\u5b9e\u73b0\uff0c\u5b83\u5305\u62ecDjVu\u6587\u4ef6\u67e5\u770b\u5668\u3001\u6d4f\u89c8\u5668\u63d2\u4ef6\u3001DjVu\u6587\u4ef6\u89e3\u7801/\u7f16\u7801\u5668\u548c\u5176\u5b83\u5b9e\u7528\u7a0b\u5e8f\u3002\r\n\r\nDjVuLibre\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002", "patchName": "DjVuLibre\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01", "products": { "product": "DjVuLibre DjVuLibre \u003c=3.5.28" }, "referenceLink": "https://vigilance.fr/vulnerability/DjVuLibre-buffer-overflow-via-DjVuDocument-get-djvu-file-35272", "serverity": "\u4e2d", "submitTime": "2021-05-11", "title": "DjVuLibre\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e" }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.