JLSEC-2026-208

Leptonica before 1.80.0 allows a heap-based buffer over-read in pixReadFromTiffStream, related to tiffio.c...

Linux Distros Unpatched Vulnerability : CVE-2020-36279

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmapreg.c and adaptmap.c. CVE-2020-36279 Note that Nessus...

Linux Distros Unpatched Vulnerability : CVE-2020-36277

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Leptonica before 1.80.0 allows a denial of service application crash via an incorrect left shift in pixConvert2To8 in pixconv.c. CVE-2020-36277 Note that Nessus...

Linux Distros Unpatched Vulnerability : CVE-2020-36281

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c. CVE-2020-36281 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2018-7441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which might allow local users to overwrite arbitrary files or have unspecified other impact by creating...

Linux Distros Unpatched Vulnerability : CVE-2018-7442

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially...

OPENSUSE-SU-2024:10914-1 leptonica-devel-1.80.0-1.9 on GA media

These are all security issues fixed in the leptonica-devel-1.80.0-1.9 package on the GA media of openSUSE Tumbleweed...

RHEL 9 : leptonica (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - leptonica: arithmetic exception leads to denial of service CVE-2022-38266 Note that Nessus has not tested for this...

RHEL 8 : leptonica (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - leptonica: arithmetic exception leads to denial of service CVE-2022-38266 Note that Nessus has not tested for this...

RHEL 9 : leptonica (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - leptonica: arithmetic exception leads to denial of service CVE-2022-38266 Note that Nessus has not tested for this...

GLSA-202312-01 : Leptonica: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202312-01 Leptonica: Multiple Vulnerabilities - Leptonica 1.74.4 constructs unintended pathnames containing duplicated path components when operating on files in /tmp subdirectories, which might allow local users to bypass intende...

Leptonica: Multiple Vulnerabilities

Background Leptonica is a C library for image processing and analysis. Description Multiple vulnerabilities have been discovered in Leptonica. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

Ubuntu 16.04 ESM : Leptonica vulnerabilities (USN-4819-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4819-1 advisory. It was discovered that Leptonica incorrectly handled path names. An attacker could possibly use this issue to obtain sensitive information. This issue on...

Ubuntu 18.04 ESM : Leptonica vulnerability (USN-5143-1)

The remote Ubuntu 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5143-1 advisory. It was discovered that Leptonica incorrectly handled certain image files. An attacker could possibly use this issue to execute arbitrary code or other unspecified...

OESA-2023-1134 leptonica security update

The library supports many operations that are useful on Document images Natural images Fundamental image processing and image analysis operations Rasterop aka bitblt Affine transforms scaling, translation, rotation, shearon images of arbitrary pixel depth Projective and bi-linear transforms Binar...

SUSE CVE-2018-7440

An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function allows command injection via a $command approach in the gplot rootname argument. This issue exists because of an incomplete fix for CVE-2018-3836...

SUSE CVE-2020-36277

Leptonica before 1.80.0 allows a denial of service application crash via an incorrect left shift in pixConvert2To8 in pixconv.c...

Ubuntu: Security Advisory (USN-5143-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2022-0472)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

An issue in the Leptonica linked library v1.79.0 allows attackers to cause an arithmetic exception leading to a Denial of Service DoS via a crafted JPEG file...