CVE-2017-18196 — Path Traversal in Leptonica

CWE-22 — Path Traversal9 documents6 sources

Severity

3.3LOWNVD

EPSS

0.0%

top 87.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Leptonlib Leptonica

Timeline

PublishedFeb 23

Latest updateMay 13

Description

Leptonica 1.74.4 constructs unintended pathnames (containing duplicated path components) when operating on files in /tmp subdirectories, which might allow local users to bypass intended file restrictions by leveraging access to a directory located deeper within the /tmp directory tree, as demonstrated by /tmp/ANY/PATH/ANY/PATH/input.tif.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

▶NVDleptonica/leptonica1.74.4

▶debiandebian/leptonlib< leptonlib 1.74.4-2 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-m7cf-9jqx-8xrq: Leptonica 1↗2022-05-13

▶

OSV

leptonlib vulnerabilities↗2021-03-15

▶

OSV

CVE-2017-18196: Leptonica 1↗2018-02-23

▶

📋Vendor Advisories

Ubuntu

Leptonica vulnerabilities↗2021-03-15

▶

Debian

CVE-2017-18196: leptonlib - Leptonica 1.74.4 constructs unintended pathnames (containing duplicated path com...↗2017

▶

💬Community

Bugzilla

CVE-2017-18196 leptonica: Mishandled pathnames in /tmp subdirectories can allow users to bypass intended file restrictions [epel-all]↗2018-02-27

▶

Bugzilla

CVE-2017-18196 leptonica: Mishandled pathnames in /tmp subdirectories can allow users to bypass intended file restrictions [fedora-all]↗2018-02-27

▶

Bugzilla

CVE-2017-18196 leptonica: Mishandled pathnames in /tmp subdirectories can allow users to bypass intended file restrictions↗2018-02-27

▶