Lucene search
Gentoo FoundationMGASA-2022-0472HistoryDec 17, 2022 - 9:48 p.m.
Updated leptonica packages fix security vulnerability
2022-12-1721:48:08
Gentoo Foundation
advisories.mageia.org
26
leptonica packages
security vulnerability
denial of service
leptonlib
arithmetic exception
jpeg files
cve-2022-38266
unix
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.002 Low
EPSS
Percentile
53.1%
This update fixes a denial of service vulnerability in leptonlib. It can be made to crash with an arithmetic exception on specially crafted JPEG files. (CVE-2022-38266)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 8 | noarch | leptonica | < 1.81.0-1 | leptonica-1.81.0-1.mga8 |
| Mageia | 8 | noarch | mingw-leptonica | < 1.81.0-1 | mingw-leptonica-1.81.0-1.mga8 |
Related
nessus
nessus
Debian DLA-3233-1 : leptonlib - LTS security update
2022-12-11 00:00:00
RHEL 8 : leptonica (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 8 : leptonica (Unpatched Vulnerability)
2024-05-11 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2178
2023-07-04 12:41:09
debian
debian
[SECURITY] [DLA 3233-1] leptonlib security update
2022-12-08 13:35:55
prion
prion
Design/Logic Flaw
2022-09-09 22:15:00
osv
osv
CVE-2022-38266
2022-09-09 22:15:08
leptonlib - security update
2022-12-08 00:00:00
debiancve
debiancve
CVE-2022-38266
2022-09-09 22:15:08
openvas
openvas
Debian: Security Advisory (DLA-3233-1)
2022-12-09 00:00:00
Mageia: Security Advisory (MGASA-2022-0472)
2022-12-19 00:00:00
ubuntucve
ubuntucve
CVE-2022-38266
2022-09-09 00:00:00
cve
cve
CVE-2022-38266
2022-09-09 22:15:08
redhatcve
redhatcve
CVE-2022-38266
2022-10-06 08:27:46
nvd
nvd
CVE-2022-38266
2022-09-09 22:15:08
cvelist
cvelist
CVE-2022-38266
2022-09-09 00:00:00
gentoo
gentoo
Leptonica: Multiple Vulnerabilities
2023-12-18 00:00:00
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.002 Low
EPSS
Percentile
53.1%
Related for MGASA-2022-0472