Vulnerabilities > Leptonica > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-23 | CVE-2018-7442 | Path Traversal vulnerability in Leptonica An issue was discovered in Leptonica through 1.75.3. | 9.1 |
| 2018-02-23 | CVE-2018-7440 | OS Command Injection vulnerability in multiple products An issue was discovered in Leptonica through 1.75.3. | 9.8 |
| 2018-02-19 | CVE-2018-7247 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Leptonica An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Leptonica before 1.75.3. | 9.8 |
| 2018-02-16 | CVE-2018-7186 | Out-of-bounds Write vulnerability in multiple products Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and ptaReadStream functions. | 9.8 |