Vulnerability Details CVE-2021-36081
Tesseract OCR 5.0.0-alpha-20201231 has a one_ell_conflict use-after-free during a strpbrk call.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.4%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29698
- https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tesseract-ocr/OSV-2021-211.yaml
- https://github.com/tesseract-ocr/tesseract/commit/e6f15621c2ab2ecbfabf656942d8ef66f03b2d55
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29698
- https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tesseract-ocr/OSV-2021-211.yaml
- https://github.com/tesseract-ocr/tesseract/commit/e6f15621c2ab2ecbfabf656942d8ef66f03b2d55
Products affected by CVE-2021-36081
-
cpe:2.3:a:tesseract_ocr_project:tesseract_ocr:5.0.0
-
cpe:2.3:o:linux:linux_kernel:-