CVE-2020-36277

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-36277
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-36277.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-36277
Downstream
Related
Published
2021-03-11T21:15:11Z
Modified
2025-10-14T17:55:22.507416Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c.

References

Affected packages

Git / github.com/danbloomberg/leptonica

Affected ranges

Type
GIT
Repo
https://github.com/danbloomberg/leptonica
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
1ac72c93fef1a5eb76b76d6723d2aee843dd6e51

Affected versions

1.*

1.74.0
1.74.1
1.74.2
1.74.3
1.74.4
1.75.0
1.75.1
1.75.2
1.75.3
1.76.0
1.77.0
1.78.0
1.79.0

v1.*

v1.42
v1.44
v1.46
v1.48
v1.50
v1.52
v1.54
v1.56
v1.58
v1.60
v1.61
v1.62
v1.63
v1.64
v1.65
v1.66
v1.67
v1.68
v1.69
v1.70
v1.71
v1.72
v1.73
v1.74.3

Database specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 2151.0,
                "function_hash": "222858898297859194060794536487657604718"
            },
            "target": {
                "function": "pixSaveTiledOutline",
                "file": "src/writefile.c"
            },
            "signature_type": "Function",
            "source": "https://github.com/danbloomberg/leptonica/commit/1ac72c93fef1a5eb76b76d6723d2aee843dd6e51",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2020-36277-4e166067"
        },
        {
            "digest": {
                "line_hashes": [
                    "71062267759714909252348090593844234556",
                    "97358072719284165189392170893531517432",
                    "301317317759245953588625345858371826055",
                    "62265654327906441521104646257649575358",
                    "207269623746465126863493617250051974480",
                    "213054983104096328696332740677714843767",
                    "105275085273569201920370165390215021858",
                    "38340088920289451107124175393972403026",
                    "9113138227959097645465941439285179527",
                    "4111592723007155595036886538810308299",
                    "97781248088056011640698607904627689088",
                    "74484671226634991667470442120316811390",
                    "253761626782854307962002115609073890392",
                    "187183657221129180758220836697949816218",
                    "46574432943433739278106365792165657011",
                    "273396866256614586075518406992790598460",
                    "295513790153078462153231921185831748119",
                    "131382178552060552096441612459281251532",
                    "140667745216844280532923469586221220692",
                    "38340088920289451107124175393972403026",
                    "66741564332115295234395807389488372647",
                    "132506284100450515925055260109635384650",
                    "15626914318538742461429884095452584110",
                    "56287396207953316054146703578191466799",
                    "20380751437460212616876253637222379980",
                    "163629621338973307058873800478052052441",
                    "25352595195574359417880041363482909448",
                    "335761481003546974218991746147851565011",
                    "5046790947822584954323697921934692994",
                    "56320650226837401789641792496571934451",
                    "16722415284511504649079254037155623744",
                    "232342567227214257526208001638129199617",
                    "173576210356171918807525706994591810305",
                    "243807738468509408460219795729349922854",
                    "330625691046730176786300782804018665942",
                    "219726525622754075676237923630304329781",
                    "119139650521512739463158732355403348911",
                    "215667919607160153155372984336961395051",
                    "239718795552571427566168858035350150579",
                    "7987558984567479218345146112537694020",
                    "33363232447793643447097582605938314341",
                    "174227686358294765452642687979267206268",
                    "282944405888060245442936280869587819214",
                    "136463978856502020036954520801951250098",
                    "89663810803968201105248913064998323902",
                    "319465531880607740424327917508776989344",
                    "70961496539031330404551052579537358957",
                    "50097023676545188792930153098625021049",
                    "298713818117629011068302864615537320891",
                    "17795467882971491010851540652232597940",
                    "183956941203145169005707606613799824267",
                    "160828791284281937599906299467130261719",
                    "97409445592432297045811281402826357005",
                    "139023614379140955860740449971104784948",
                    "229418005089612460385550913838939054263",
                    "238691219870813330421915352582384393272",
                    "206969213718509837465307982922312089301",
                    "267669098743028078120867503978775563817",
                    "324047436537294132143743488492109099135",
                    "50331507218899387210469534448264002000",
                    "182945048991490055313854425553974805451",
                    "175777624442155945688438649878319851773",
                    "336965900696302405653949472064898173356",
                    "116000985755283332901577877467218297391",
                    "150334520487414278834615100141773513244",
                    "256358039365454398039257690180032473336",
                    "90522913534650190870516759134685755856",
                    "312130806542216751680390873492744815729",
                    "71056638504990768084742787629662510964",
                    "222039460875439193892739393438584805773",
                    "82396013945408456795230577595056333782",
                    "277615823188644338749478633541077077349",
                    "73177740877961034671619940822526841244",
                    "182242737047980361896234253574204172597",
                    "270139666686017519128190972053982655060",
                    "280789038969911879819847274146700972684",
                    "127195894988458890005025375113590300632",
                    "224095711446903451089170268915435052378",
                    "249467641058294469451236898783224158761",
                    "34505517851144569534424389505926690917",
                    "181926339711443014290103475098225105304",
                    "134405640351810209701330033311676618685",
                    "85691735517347449311008818097392259383",
                    "129426273177754144750890090176668411102",
                    "204155612371349391517772476970283121692",
                    "237368390349372639166674219677674833981",
                    "18706634596854076763500127312040726691",
                    "265795668003857683217546574915109709168",
                    "192098695764790791807016310998743101529",
                    "50132205851043265482458091199236203873",
                    "329583298823061904764188849531103677626",
                    "321768222183286676830382411624171676657",
                    "102587916843189441473129335381922525478",
                    "161137528822882918063826466619031224998",
                    "15238058894799479718442650553975412386",
                    "171462317166403845265300963792830703964",
                    "331744892110334778297066182039374888344",
                    "326285890700357715306481830607670732752",
                    "123324534500294565774678219652286460623",
                    "288576427916736276951897063339480921283",
                    "137685248884094962831272445269326966955",
                    "259573223464972589894728003087633652679",
                    "12229016245657393565821281256763419903",
                    "271434579962706848000734217504209289591",
                    "194954709234320770596650361766011857023",
                    "42106648833517479078550596521203736027",
                    "278586902318726974416478788247158816089",
                    "39718064908596686921327949565597363579",
                    "321689676064398334586639265977019126404",
                    "172295762223456177805498932996843025950",
                    "171190226785773530665987430747253559223",
                    "70962918761805776992827304123417051261",
                    "243807738468509408460219795729349922854",
                    "128407842167289103363920487986283396306",
                    "30486387600434308231673102328328714167",
                    "279622566686338882656352513450053253867",
                    "256642794338437058535985324878029231406",
                    "161806651388242330758048499580591431458",
                    "305608186397194774266111296049997309825",
                    "339420659682533687962558130366211378928",
                    "71855633175038232396432775477005678562",
                    "249073138151195662472632059730126570547",
                    "132433570656101341823026047880048114214",
                    "6709710598048881714838137134275612892",
                    "308208083129171002052653631867087291248",
                    "296555942277343054565880265221298139606",
                    "131559545650161212223324363838998418440",
                    "64039125194452021872262519924401514682",
                    "118961055585304283145913797879143947388",
                    "247884008694609657141628299238743568397",
                    "171293053015680685936888175565534341639"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "src/writefile.c"
            },
            "signature_type": "Line",
            "source": "https://github.com/danbloomberg/leptonica/commit/1ac72c93fef1a5eb76b76d6723d2aee843dd6e51",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2020-36277-7878a3e9"
        },
        {
            "digest": {
                "length": 1206.0,
                "function_hash": "12514325910757870363945626727973878167"
            },
            "target": {
                "function": "pixSaveTiledWithText",
                "file": "src/writefile.c"
            },
            "signature_type": "Function",
            "source": "https://github.com/danbloomberg/leptonica/commit/1ac72c93fef1a5eb76b76d6723d2aee843dd6e51",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2020-36277-9bac3a71"
        },
        {
            "digest": {
                "length": 544.0,
                "function_hash": "180438311509628637530656543879059859147"
            },
            "target": {
                "function": "pixSaveTiled",
                "file": "src/writefile.c"
            },
            "signature_type": "Function",
            "source": "https://github.com/danbloomberg/leptonica/commit/1ac72c93fef1a5eb76b76d6723d2aee843dd6e51",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2020-36277-f79bcddc"
        }
    ]
}