CVE-2020-36277

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Leptonica versions prior to 1.80.0

Description The issue is related to an incorrect left shift in the pixConvert2To8 function in pixconv.c, which can cause a denial of service (application crash). This can be exploited by a remote attacker to disrupt service.

Recommendations For versions prior to 1.80.0, update to version 1.80.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the pixConvert2To8 function in pixconv.c to minimize the risk of exploitation.

Exploit

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-670

Related Identifiers

BDU:2021-05306

CVE-2020-36277

DLA-2612-1

MGASA-2021-0290

OESA-2021-1327

ROSA-SA-2025-2626

Affected Products

Astra Linux

Leptonica

CVE-2020-36277

Weakness Enumeration

Related Identifiers

Affected Products

References · 35