Vulnerabilities > CVE-2021-36081 - Use After Free vulnerability in Tesseract OCR Project Tesseract OCR 5.0.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Tesseract OCR 5.0.0-alpha-20201231 has a one_ell_conflict use-after-free during a strpbrk call.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| OS | 1 |
Common Weakness Enumeration (CWE)
References
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29698
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29698
- https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tesseract-ocr/OSV-2021-211.yaml
- https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tesseract-ocr/OSV-2021-211.yaml
- https://github.com/tesseract-ocr/tesseract/commit/e6f15621c2ab2ecbfabf656942d8ef66f03b2d55
- https://github.com/tesseract-ocr/tesseract/commit/e6f15621c2ab2ecbfabf656942d8ef66f03b2d55