22 matches found
Ubuntu: Security Advisory (USN-4819-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0279)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0154)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated leptonica packages fix security vulnerabilities
This update fixes a security issue potential injection attack using gplot rootdir originally reported in CVE-2018-3836. This fix was incomplete and again reported in CVE-2018-7440 and CVE-2018-7442. The improved fix is included in leptonica-1.76.0...
Fedora Update for leptonica FEDORA-2018-c6e8b5f529
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2018-3836
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
CVE-2018-3836
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
CVE-2018-3836
Leptonica 1.74.4 is affected by CVE-2018-3836 in gplotMakeOutput, where the gplot rootname can trigger a command injection leading to arbitrary code execution. This is a local-access vulnerability; CVSS base scores indicate HIGH severity. Public references and advisories note that an improved fix...
Fedora Update for leptonica FEDORA-2018-cbf621a53c
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mingw-leptonica FEDORA-2018-cbf621a53c
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : leptonica / mingw-leptonica (2018-78570112db)
This update fixes CVE-2017-18196. ---- This update backports security fixes for CVE-2018-3836, CVE-2018-7186 and CVE-2018-7247. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically...
Fedora Update for leptonica FEDORA-2018-78570112db
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : leptonica / mingw-leptonica (2018-cbf621a53c)
This update fixes CVE-2017-18196. ---- This update backports security fixes for CVE-2018-3836, CVE-2018-7186 and CVE-2018-7247. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically...
openSUSE Security Update : leptonica (openSUSE-2018-226)
This update for leptonica fixes the following issues : - CVE-2018-7247: Fixed a buffer overflow in in src/viewfiles.c with unsanitized input rootname boo1081631 - CVE-2018-7186: Fixed multiple stack-based buffer overflows in gplotRead and ptaReadStream boo1081576 - CVE-2018-3836: Added additional...
Updated leptonica packages fix a security vulnerability
Package leptonica has been updated to the current stable version 1.75.2 which fixes a security issue potential injection attack using gplot rootdir reported in CVE-2018-3836...
MGASA-2018-0154 Updated leptonica packages fix a security vulnerability
Package leptonica has been updated to the current stable version 1.75.2 which fixes a security issue potential injection attack using gplot rootdir reported in CVE-2018-3836...
CVE-2018-7440
An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function allows command injection via a $command approach in the gplot rootname argument. This issue exists because of an incomplete fix for CVE-2018-3836...
Command injection
An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function allows command injection via a $command approach in the gplot rootname argument. This issue exists because of an incomplete fix for CVE-2018-3836...
CVE-2018-7440
An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function allows command injection via a $command approach in the gplot rootname argument. This issue exists because of an incomplete fix for CVE-2018-3836...
CVE-2018-7440
CVE-2018-7440 affects Leptonica up to 1.75.3, where the gplotMakeOutput function allows command injection via a $(command) path argument. This arises from an incomplete fix for CVE-2018-3836 and can lead to arbitrary code execution. Public references in the connected data indicate multiple distri...