CPE-32F8D85D-53D9-45C5-BB73-3D738F883E42 Detail

CPE Details

Leptonica 1.71

Vendor

leptonica

Product

leptonica

Version

1.71

Created

2019-08-08
15h15 +00:00

Modified

2019-08-08
15h15 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:leptonica:leptonica:1.71:::::::*

Informations

Vendor

leptonica

Product

leptonica

Version

1.71

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2022-38266	2022-09-08 22h00 +00:00	An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file.	6.5	Medium
CVE-2020-36281	2021-03-11 23h00 +00:00	Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c.	7.5	High
CVE-2020-36280	2021-03-11 23h00 +00:00	Leptonica before 1.80.0 allows a heap-based buffer over-read in pixReadFromTiffStream, related to tiffio.c.	7.5	High
CVE-2020-36279	2021-03-11 23h00 +00:00	Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c.	7.5	High
CVE-2020-36278	2021-03-11 22h59 +00:00	Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c.	7.5	High
CVE-2020-36277	2021-03-11 19h23 +00:00	Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c.	7.5	High
CVE-2018-7440	2018-02-22 23h00 +00:00	An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function allows command injection via a $(command) approach in the gplot rootname argument. This issue exists because of an incomplete fix for CVE-2018-3836.	9.8	Critical
CVE-2018-7441	2018-02-22 23h00 +00:00	Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which might allow local users to overwrite arbitrary files or have unspecified other impact by creating files in advance or winning a race condition, as demonstrated by /tmp/junk_split_image.ps in prog/splitimage2pdf.c.	7	High
CVE-2018-7442	2018-02-22 23h00 +00:00	An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially leading to path traversal and arbitrary file overwrite.	9.1	Critical
CVE-2018-7247	2018-02-19 18h00 +00:00	An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Leptonica before 1.75.3. Unsanitized input (rootname) can overflow a buffer, leading potentially to arbitrary code execution or possibly unspecified other impact.	9.8	Critical
CVE-2018-7186	2018-02-15 23h00 +00:00	Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and ptaReadStream functions.	9.8	Critical

Leptonica 1.71

CPE Details

CPE Name: cpe:2.3:a:leptonica:leptonica:1.71:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:leptonica:leptonica:1.71:::::::*