cpe:/a:djvulibre_project:djvulibre:3.5.27 CVE-2019-15143 2019-08-18T15:15:09.887-04:00 2019-08-30T05:15:19.300-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov MLIST [debian-lts-announce] 20190829 [SECURITY] [DLA 1902-1] djvulibre security update MISC https://sourceforge.net/p/djvu/bugs/297/ MISC https://sourceforge.net/p/djvu/djvulibre-git/ci/b1f4e1b2187d9e5010cd01ceccf20b4a11ce723f/ SUSE openSUSE-SU-2019:2217 SUSE openSUSE-SU-2019:2219 In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp.