CVE-2025-53367 | DjvuNet DjVuLibre up to 3.5.28 MMRDecoder::scanruns out-of-bounds write (GHSL-2025-055 / EUVD-2025-19908)

A vulnerability, which was classified as critical, has been found in DjvuNet DjVuLibre up to 3.5.28. This issue affects the function MMRDecoder::scanruns. The manipulation leads to out-of-bounds write.

The identification of this vulnerability is CVE-2025-53367. The attack may be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More