CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-38266
https://notcve.org/view.php?id=CVE-2022-38266
An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file. Un problema en la biblioteca enlazada Leptonica (v1.79.0) permite a los atacantes provocar una excepción aritmética que conduce a una denegación de servicio (DoS) a través de un archivo JPEG manipulado • https://github.com/DanBloomberg/leptonica/commit/f062b42c0ea8dddebdc6a152fd16152de215d614 https://github.com/tesseract-ocr/tesseract/issues/3498 https://lists.debian.org/debian-lts-announce/2022/12/msg00018.html https://security.gentoo.org/glsa/202312-01 • CWE-369: Divide By Zero •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2020-36281
https://notcve.org/view.php?id=CVE-2020-36281
Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c. Leptonica versiones anteriores a 1.80.0, permite una lectura excesiva del búfer en la región heap de la memoria en la función pixFewColorsOctcubeQuantMixed en el archivo colorquant1.c • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22140 https://github.com/DanBloomberg/leptonica/commit/5ee24b398bb67666f6d173763eaaedd9c36fb1e5 https://github.com/DanBloomberg/leptonica/compare/1.79.0...1.80.0 https://lists.debian.org/debian-lts-announce/2021/03/msg00037.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQUEA2X6UTH4DMYCMZAWE2QQLN5YANUA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RD5AIWHWE334HGYZJR2U3I3JYKSSO2LW • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-36280
https://notcve.org/view.php?id=CVE-2020-36280
Leptonica before 1.80.0 allows a heap-based buffer over-read in pixReadFromTiffStream, related to tiffio.c. Leptonica versiones anteriores a 1.80.0, permite una lectura excesiva del búfer en la región heap de la memoria en la función pixReadFromTiffStream, relacionado con el archivo tiffio.c • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23654 https://github.com/DanBloomberg/leptonica/commit/5ba34b1fe741d69d43a6c8cf767756997eadd87c https://github.com/DanBloomberg/leptonica/compare/1.79.0...1.80.0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQUEA2X6UTH4DMYCMZAWE2QQLN5YANUA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RD5AIWHWE334HGYZJR2U3I3JYKSSO2LW https://security.gentoo.org/glsa/202107-53 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2020-36279
https://notcve.org/view.php?id=CVE-2020-36279
Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c. Leptonica versiones anteriores a 1.80.0, permite una lectura excesiva del búfer en la región heap de la memoria en la función rasteropGeneralLow, relacionada con los archivos adaptmap_reg.c y adaptmap.c • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22512 https://github.com/DanBloomberg/leptonica/commit/3c18c43b6a3f753f0dfff99610d46ad46b8bfac4 https://github.com/DanBloomberg/leptonica/compare/1.79.0...1.80.0 https://lists.debian.org/debian-lts-announce/2021/03/msg00037.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQUEA2X6UTH4DMYCMZAWE2QQLN5YANUA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RD5AIWHWE334HGYZJR2U3I3JYKSSO2LW • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2020-36278
https://notcve.org/view.php?id=CVE-2020-36278
Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c. Leptonica versiones anteriores a la 1.80.0, permite una lectura excesiva del búfer en la región heap de la memoria en la función findNextBorderPixel en el archivo ccbord.c • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23433 https://github.com/DanBloomberg/leptonica/commit/8d6e1755518cfb98536d6c3daf0601f226d16842 https://github.com/DanBloomberg/leptonica/compare/1.79.0...1.80.0 https://lists.debian.org/debian-lts-announce/2021/03/msg00037.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQUEA2X6UTH4DMYCMZAWE2QQLN5YANUA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RD5AIWHWE334HGYZJR2U3I3JYKSSO2LW • CWE-125: Out-of-bounds Read •