CVE-2019-18804

Published: 07 November 2019

DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp.

Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
djvulibre
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 20.04 LTS (Focal Fossa)
Released (3.5.27.1-13ubuntu1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (3.5.27.1-8ubuntu0.1)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (3.5.27.1-5ubuntu0.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist

Patches:
Upstream: https://sourceforge.net/p/djvu/djvulibre-git/ci/c8bec6549c10ffaa2f2fbad8bbc629efdf0dd125/