CVE-2021-3500
CVE-2021-3500
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
24 Jun 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.
Affected products
n/a · djvulibre