cpe:/a:djvulibre_project:djvulibre:3.5.27 CVE-2019-15144 2019-08-18T15:15:09.967-04:00 2019-08-30T05:15:19.473-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov MLIST [debian-lts-announce] 20190829 [SECURITY] [DLA 1902-1] djvulibre security update MISC https://sourceforge.net/p/djvu/bugs/299/ MISC https://sourceforge.net/p/djvu/djvulibre-git/ci/e15d51510048927f172f1bf1f27ede65907d940d/ SUSE openSUSE-SU-2019:2217 SUSE openSUSE-SU-2019:2219 In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h.