Vulnerability Name:

CVE-2021-32490 (CCN-204388)

Assigned:2021-05-10
Published:2021-05-10
Updated:2022-12-21
Summary:
CVSS v3 Severity:7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
3.3 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
2.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
1.7 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2021-32490

Source: CCN
Type: SourceForge DjVuLibre Project
DjVuLibre: Open Source DjVu library and viewer

Source: CCN
Type: Red Hat Bugzilla – Bug 1943693
(CVE-2021-32490) - CVE-2021-32490 djvulibre: Out of bounds write in function DJVU::filter_bv() via crafted djvu file

Source: patrick@puiterwijk.org
Type: Issue Tracking, Third Party Advisory
patrick@puiterwijk.org

Source: XF
Type: UNKNOWN
djvulibre-cve202132490-dos(204388)

Source: patrick@puiterwijk.org
Type: Third Party Advisory
patrick@puiterwijk.org

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2021-32490

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:djvulibre_project:djvulibre:3.5.28:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:7464
    P
    		collectd-5.12.0-150400.3.2.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:7927
    P
    		libdjvulibre-devel-3.5.27-11.11.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:3307
    P
    		ntp-4.2.8p13-85.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:94771
    P
    		patch-2.7.6-3.5 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:94937
    P
    		libdjvulibre-devel-3.5.27-11.11.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:95239
    P
    		Security update for kernel-firmware (Important)
    2022-06-02
    oval:org.opensuse.security:def:6011
    P
    		Security update for zabbix (Moderate)
    2022-04-19
    oval:org.opensuse.security:def:101952
    P
    		Security update for the Linux Kernel (Important)
    2022-04-13
    oval:org.opensuse.security:def:112157
    P
    		djvulibre-3.5.28-3.2 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:105693
    P
    		djvulibre-3.5.28-3.2 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:101484
    P
    		Security update for c-ares (Important)
    2021-08-17
    oval:org.opensuse.security:def:99658
    P
    		 (Important)
    2021-07-14
    oval:org.opensuse.security:def:111545
    P
    		Security update for djvulibre (Important)
    2021-07-11
    oval:org.opensuse.security:def:99966
    P
    		 (Important)
    2021-06-22
    oval:org.opensuse.security:def:111394
    P
    		Security update for djvulibre (Important)
    2021-05-22
    oval:org.opensuse.security:def:10081
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:108618
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:92115
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:96954
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:68553
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:75848
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:102557
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:9327
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:99065
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:5691
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:92907
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:70221
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:66780
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:10260
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:8582
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:109223
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:92310
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:96956
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:69467
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:76168
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:101695
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:9510
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:99260
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:93060
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:70400
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:67100
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:117664
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:74283
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:8759
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:95844
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:4126
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:92509
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:69650
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:65215
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:1463
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:9709
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:99459
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:7419
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:93213
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:108150
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:91920
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:68508
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:118308
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:74348
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:8954
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:98870
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:4191
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:92708
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:69849
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:65280
    P
    		Security update for djvulibre (Important)
    2021-05-19
    BACK
    djvulibre_project djvulibre 3.5.28