Leptonica 1.79.0

CPE Details

Leptonica 1.79.0
leptonica
leptonica
1.79.0
2021-09-22
17h39 +00:00
2021-09-22
17h51 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:leptonica:leptonica:1.79.0:*:*:*:*:*:*:*

Informations

Vendor

leptonica

Product

leptonica

Version

1.79.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-38266 2022-09-08 22h00 +00:00 An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file.
6.5
Medium
CVE-2020-36281 2021-03-11 23h00 +00:00 Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c.
7.5
High
CVE-2020-36280 2021-03-11 23h00 +00:00 Leptonica before 1.80.0 allows a heap-based buffer over-read in pixReadFromTiffStream, related to tiffio.c.
7.5
High
CVE-2020-36279 2021-03-11 23h00 +00:00 Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c.
7.5
High
CVE-2020-36278 2021-03-11 22h59 +00:00 Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c.
7.5
High
CVE-2020-36277 2021-03-11 19h23 +00:00 Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c.
7.5
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.