Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.1
CVE-2018-7442
- EPSS 0.19%
- Veröffentlicht 23.02.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:12:08
An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially leading to path traversal and arbitrary file overwrite.
9.8
CVE-2018-7247
- EPSS 0.39%
- Veröffentlicht 19.02.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:11:52
An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Leptonica before 1.75.3. Unsanitized input (rootname) can overflow a buffer, leading potentially to arbitrary code execution or possibly unspecified other impact.
9.8
CVE-2018-7186
- EPSS 3.12%
- Veröffentlicht 16.02.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 04:11:45
Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a long...