Published: 11/03/2021 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Leptonica prior to 1.80.0 allows a denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c.

Vulnerable Product	Search on Vulmon	Subscribe to Product
leptonica leptonica
fedoraproject fedora 32
fedoraproject fedora 33
debian debian linux 9.0

Debian Bug report logs - #985089 CVE-2020-36277 CVE-2020-36278 CVE-2020-36279 CVE-2020-36280 CVE-2020-36281 Package: src:leptonlib; Maintainer for src:leptonlib is Jeff Breidenbach <jab@debianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Fri, 12 Mar 2021 19:06:01 UTC Severity: grave Tags: security, up ...

CWE-670 https://github.com/DanBloomberg/leptonica/compare/1.79.0...1.80.0 https://github.com/DanBloomberg/leptonica/pull/499 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21997 https://lists.debian.org/debian-lts-announce/2021/03/msg00037.html https://security.gentoo.org/glsa/202107-53 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RD5AIWHWE334HGYZJR2U3I3JYKSSO2LW/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQUEA2X6UTH4DMYCMZAWE2QQLN5YANUA/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985089 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-36277

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect