Описание
An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially leading to path traversal and arbitrary file overwrite.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needed |
| cosmic | released | 1.76.0-1 |
| devel | released | 1.76.0-1 |
| disco | released | 1.76.0-1 |
| eoan | released | 1.76.0-1 |
| esm-apps/bionic | needed | |
| esm-apps/focal | released | 1.76.0-1 |
| esm-apps/jammy | released | 1.76.0-1 |
| esm-apps/noble | released | 1.76.0-1 |
Показывать по
6.4 Medium
CVSS2
9.1 Critical
CVSS3
Связанные уязвимости
An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially leading to path traversal and arbitrary file overwrite.
An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutp ...
An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially leading to path traversal and arbitrary file overwrite.
6.4 Medium
CVSS2
9.1 Critical
CVSS3