CVE-2021-46312 - Vulnerability Details - OpenCVE

ReportizFlow

An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Djvulibre Project	Djvulibre

Configuration 1 [-]

cpe:2.3:a:djvulibre_project:djvulibre:3.5.28:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://lists.debian.org/debian-lts-announce/2025/07/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4APFAWR7QE27GXQMRKR6XKNZWWUJ5YMH/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HN4JOIBNMJMW2NQSGT6DCDCQZJ2ROFM7/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEEGAR4WUF6LTOJEHSON7I2MBTPFTVR5/
https://lists.fedoraproject.org/archives/list/[email protected]/message/HN4JOIBNMJMW2NQSGT6DCDCQZJ2ROFM7/
https://lists.fedoraproject.org/archives/list/[email protected]/message/XEEGAR4WUF6LTOJEHSON7I2MBTPFTVR5/
https://sourceforge.net/p/djvu/bugs/344/

History

Tue, 04 Nov 2025 18:30:00 +0000

Type	Values Removed	Values Added
References		https://lists.fedoraproject.org/archives/list/[email protected]/message/HN4JOIBNMJMW2NQSGT6DCDCQZJ2ROFM7/ https://lists.fedoraproject.org/archives/list/[email protected]/message/XEEGAR4WUF6LTOJEHSON7I2MBTPFTVR5/

Tue, 04 Nov 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 03 Nov 2025 20:30:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2025/07/msg00007.html

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-08-22T00:00:00.000Z

Updated: 2025-11-04T17:12:21.345Z

Reserved: 2022-01-18T00:00:00.000Z

Link: CVE-2021-46312

Vulnrichment

Updated: 2025-11-04T17:12:21.345Z

NVD

Status : Modified

Published: 2023-08-22T19:16:21.993

Modified: 2025-11-04T18:15:39.367

Link: CVE-2021-46312

Redhat

No data.

{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2021-46312", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-11-04T17:12:21.345Z", "dateReserved": "2022-01-18T00:00:00.000Z", "datePublished": "2023-08-22T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-06-10T17:11:26.428Z"}, "descriptions": [{"lang": "en", "value": "An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://sourceforge.net/p/djvu/bugs/344/"}, {"name": "FEDORA-2024-d20163632f", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4APFAWR7QE27GXQMRKR6XKNZWWUJ5YMH/"}, {"name": "FEDORA-2024-891c09df97", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEEGAR4WUF6LTOJEHSON7I2MBTPFTVR5/"}, {"name": "FEDORA-2024-e8b9bedd36", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HN4JOIBNMJMW2NQSGT6DCDCQZJ2ROFM7/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-10T20:19:16.728236Z", "id": "CVE-2021-46312", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-10T20:19:55.159Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://sourceforge.net/p/djvu/bugs/344/", "tags": ["x_transferred"]}, {"name": "FEDORA-2024-d20163632f", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4APFAWR7QE27GXQMRKR6XKNZWWUJ5YMH/"}, {"name": "FEDORA-2024-891c09df97", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEEGAR4WUF6LTOJEHSON7I2MBTPFTVR5/"}, {"name": "FEDORA-2024-e8b9bedd36", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HN4JOIBNMJMW2NQSGT6DCDCQZJ2ROFM7/"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00007.html"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/HN4JOIBNMJMW2NQSGT6DCDCQZJ2ROFM7/"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/XEEGAR4WUF6LTOJEHSON7I2MBTPFTVR5/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-04T17:12:21.345Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sourceforge.net/p/djvu/bugs/344/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4APFAWR7QE27GXQMRKR6XKNZWWUJ5YMH/", "name": "FEDORA-2024-d20163632f", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEEGAR4WUF6LTOJEHSON7I2MBTPFTVR5/", "name": "FEDORA-2024-891c09df97", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HN4JOIBNMJMW2NQSGT6DCDCQZJ2ROFM7/", "name": "FEDORA-2024-e8b9bedd36", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00007.html"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/HN4JOIBNMJMW2NQSGT6DCDCQZJ2ROFM7/"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/XEEGAR4WUF6LTOJEHSON7I2MBTPFTVR5/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-04T17:12:21.345Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-46312", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-10T20:19:16.728236Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-10T20:19:47.511Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://sourceforge.net/p/djvu/bugs/344/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4APFAWR7QE27GXQMRKR6XKNZWWUJ5YMH/", "name": "FEDORA-2024-d20163632f", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEEGAR4WUF6LTOJEHSON7I2MBTPFTVR5/", "name": "FEDORA-2024-891c09df97", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HN4JOIBNMJMW2NQSGT6DCDCQZJ2ROFM7/", "name": "FEDORA-2024-e8b9bedd36", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-06-10T17:11:26.428Z"}}}, "cveMetadata": {"cveId": "CVE-2021-46312", "state": "PUBLISHED", "dateUpdated": "2025-11-04T17:12:21.345Z", "dateReserved": "2022-01-18T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2023-08-22T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:djvulibre_project:djvulibre:3.5.28:*:*:*:*:*:*:*", "matchCriteriaId": "AB6AADCA-4B27-46ED-BFC8-391793461AB2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero."}, {"lang": "es", "value": "Un problema fue descubierto IW44EncodeCodec.cpp en djvulibre 3.5.28 en permite a los atacantes causar una denegaci\u00f3n de servicio a trav\u00e9s de dividir por cero."}], "id": "CVE-2021-46312", "lastModified": "2025-11-04T18:15:39.367", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}]}, "published": "2023-08-22T19:16:21.993", "references": [{"source": "[email protected]", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4APFAWR7QE27GXQMRKR6XKNZWWUJ5YMH/"}, {"source": "[email protected]", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HN4JOIBNMJMW2NQSGT6DCDCQZJ2ROFM7/"}, {"source": "[email protected]", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEEGAR4WUF6LTOJEHSON7I2MBTPFTVR5/"}, {"source": "[email protected]", "tags": ["Exploit", "Issue Tracking"], "url": "https://sourceforge.net/p/djvu/bugs/344/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00007.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4APFAWR7QE27GXQMRKR6XKNZWWUJ5YMH/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HN4JOIBNMJMW2NQSGT6DCDCQZJ2ROFM7/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEEGAR4WUF6LTOJEHSON7I2MBTPFTVR5/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/HN4JOIBNMJMW2NQSGT6DCDCQZJ2ROFM7/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/XEEGAR4WUF6LTOJEHSON7I2MBTPFTVR5/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://sourceforge.net/p/djvu/bugs/344/"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-369"}], "source": "[email protected]", "type": "Primary"}]}