Leptonica · Leptonica · CVE-2020-36281
**Name of the Vulnerable Software and Affected Versions**
Leptonica versions prior to 1.80.0
**Description**
The issue is related to a heap-based buffer over-read in the `pixFewColorsOctcubeQuantMixed` function in the `colorquant1.c` file. This can potentially allow a remote attacker to cause a denial of service. The estimated number of potentially affected devices worldwide is not specified.
**Recommendations**
For versions prior to 1.80.0, update to version 1.80.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the `pixFewColorsOctcubeQuantMixed` function in the `colorquant1.c` file until a patch is available.