Search CVE reports
1 – 10 of 24 results
CVE-2022-4104
Medium priorityA loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service.
1 affected packages
lepton
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
lepton | — | Not in release | Not in release | Needs evaluation | Ignored |
CVE-2022-26181
Medium priorityDropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligned_dealloc():src/lepton/bitops.cc:108.
1 affected packages
lepton
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
lepton | — | — | — | Needs evaluation | Ignored |
CVE-2020-36281
Medium priorityLeptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c.
1 affected packages
leptonlib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
leptonlib | Not affected | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2020-36280
Medium priorityLeptonica before 1.80.0 allows a heap-based buffer over-read in pixReadFromTiffStream, related to tiffio.c.
1 affected packages
leptonlib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
leptonlib | Not affected | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2020-36279
Medium priorityLeptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c.
1 affected packages
leptonlib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
leptonlib | Not affected | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2020-36278
Medium priorityLeptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c.
1 affected packages
leptonlib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
leptonlib | Not affected | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2020-36277
Medium priorityLeptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c.
1 affected packages
leptonlib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
leptonlib | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2018-20820
Low priorityread_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows attackers to cause a denial-of-service (application runtime crash because of an integer overflow) via a crafted file.
1 affected packages
lepton
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
lepton | — | — | — | Not affected | Not in release |
CVE-2018-20819
Medium priorityio/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact by crafting a...
1 affected packages
lepton
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
lepton | — | — | — | Not affected | Not in release |
CVE-2018-12108
Medium priorityAn issue was discovered in Dropbox Lepton 1.2.1. The validateAndCompress function in validation.cc allows remote attackers to cause a denial of service (SIGFPE and application crash) via a malformed file.
1 affected packages
lepton
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
lepton | Not in release | Not in release | Not in release | Vulnerable | Not in release |