Описание
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that passes attacker data to this function to trigger this vulnerability.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 1.75.3-2 |
| cosmic | not-affected | 1.75.3-2 |
| devel | not-affected | 1.75.3-2 |
| disco | not-affected | 1.75.3-2 |
| eoan | not-affected | 1.75.3-2 |
| esm-apps/bionic | not-affected | 1.75.3-2 |
| esm-apps/focal | not-affected | 1.75.3-2 |
| esm-apps/jammy | not-affected | 1.75.3-2 |
| esm-apps/xenial | released | 1.73-1ubuntu0.1~esm1 |
Показывать по
EPSS
7.2 High
CVSS2
7.8 High
CVSS3
Связанные уязвимости
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that passes attacker data to this function to trigger this vulnerability.
An exploitable command injection vulnerability exists in the gplotMake ...
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that passes attacker data to this function to trigger this vulnerability.
EPSS
7.2 High
CVSS2
7.8 High
CVSS3