Vulnerabilities > Leptonica

DATE	CVE	VULNERABILITY TITLE	RISK
2018-02-23	CVE-2017-18196	Path Traversal vulnerability in Leptonica 1.74.4 Leptonica 1.74.4 constructs unintended pathnames (containing duplicated path components) when operating on files in /tmp subdirectories, which might allow local users to bypass intended file restrictions by leveraging access to a directory located deeper within the /tmp directory tree, as demonstrated by /tmp/ANY/PATH/ANY/PATH/input.tif. local low complexity leptonica CWE-22	3.3
2018-02-19	CVE-2018-7247	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Leptonica An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Leptonica before 1.75.3. network low complexity leptonica CWE-119 critical	9.8
2018-02-16	CVE-2018-7186	Out-of-bounds Write vulnerability in multiple products Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and ptaReadStream functions. network low complexity leptonica debian CWE-787 critical	9.8

Vulnerabilities > Leptonica {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Leptonica"}]}