Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Leptonica Subscribe
Total 13 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-3836 2 Debian, Leptonica 2 Debian Linux, Leptonica 2023-02-03 7.2 HIGH 7.8 HIGH
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that passes attacker data to this function to trigger this vulnerability.
CVE-2022-38266 3 Debian, Leptonica, Tesseract Project 3 Debian Linux, Leptonica, Tesseract 2023-01-31 N/A 6.5 MEDIUM
An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file.
CVE-2020-36281 4 Debian, Fedoraproject, Leptonica and 1 more 4 Debian Linux, Fedora, Leptonica and 1 more 2021-12-03 5.0 MEDIUM 7.5 HIGH
Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c.
CVE-2020-36280 2 Fedoraproject, Leptonica 2 Fedora, Leptonica 2021-12-03 5.0 MEDIUM 7.5 HIGH
Leptonica before 1.80.0 allows a heap-based buffer over-read in pixReadFromTiffStream, related to tiffio.c.
CVE-2020-36279 4 Debian, Fedoraproject, Leptonica and 1 more 4 Debian Linux, Fedora, Leptonica and 1 more 2021-12-03 5.0 MEDIUM 7.5 HIGH
Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c.
CVE-2020-36278 4 Debian, Fedoraproject, Leptonica and 1 more 4 Debian Linux, Fedora, Leptonica and 1 more 2021-12-03 5.0 MEDIUM 7.5 HIGH
Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c.
CVE-2020-36277 4 Debian, Fedoraproject, Leptonica and 1 more 4 Debian Linux, Fedora, Leptonica and 1 more 2021-12-03 5.0 MEDIUM 7.5 HIGH
Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c.
CVE-2018-7186 2 Debian, Leptonica 2 Debian Linux, Leptonica 2020-08-24 7.5 HIGH 9.8 CRITICAL
Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and ptaReadStream functions.
CVE-2017-18196 1 Leptonica 1 Leptonica 2019-10-02 2.1 LOW 3.3 LOW
Leptonica 1.74.4 constructs unintended pathnames (containing duplicated path components) when operating on files in /tmp subdirectories, which might allow local users to bypass intended file restrictions by leveraging access to a directory located deeper within the /tmp directory tree, as demonstrated by /tmp/ANY/PATH/ANY/PATH/input.tif.
CVE-2018-7440 2 Debian, Leptonica 2 Debian Linux, Leptonica 2019-10-02 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function allows command injection via a $(command) approach in the gplot rootname argument. This issue exists because of an incomplete fix for CVE-2018-3836.
CVE-2018-7441 1 Leptonica 1 Leptonica 2018-03-19 4.4 MEDIUM 7.0 HIGH
Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which might allow local users to overwrite arbitrary files or have unspecified other impact by creating files in advance or winning a race condition, as demonstrated by /tmp/junk_split_image.ps in prog/splitimage2pdf.c.
CVE-2018-7442 1 Leptonica 1 Leptonica 2018-03-17 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially leading to path traversal and arbitrary file overwrite.
CVE-2018-7247 1 Leptonica 1 Leptonica 2018-03-14 7.5 HIGH 9.8 CRITICAL
An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Leptonica before 1.75.3. Unsanitized input (rootname) can overflow a buffer, leading potentially to arbitrary code execution or possibly unspecified other impact.