VulnerableCode Package Details - pkg:deb/debian/leptonlib@1.71-2.1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/leptonlib@1.71-2.1

Essentials
History (13)

purl	pkg:deb/debian/leptonlib@1.71-2.1

Next non-vulnerable version	1.79.0-1.1+deb11u1
Latest non-vulnerable version	1.79.0-1.1+deb11u1
Risk	2.5

Vulnerabilities affecting this package (13)

Vulnerability	Summary	Fixed by
VCID-1e2w-tuq4-eken Aliases: CVE-2018-7441	Several vulnerabilities have been found in Leptonice, the worst of which could lead to arbitrary code execution.	1.76.0-1+deb10u1 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-2wk4-jbjc-17fa Aliases: CVE-2018-7247	Several vulnerabilities have been found in Leptonice, the worst of which could lead to arbitrary code execution.	1.76.0-1+deb10u1 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-4w3g-efaw-cyex Aliases: CVE-2018-7186	Several vulnerabilities have been found in Leptonice, the worst of which could lead to arbitrary code execution.	1.76.0-1+deb10u1 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-agk2-8eq8-z7cy Aliases: CVE-2022-38266	Several vulnerabilities have been found in Leptonice, the worst of which could lead to arbitrary code execution.	1.79.0-1.1+deb11u1 Affected by 0 other vulnerabilities.
VCID-azgj-apx7-27bz Aliases: CVE-2020-36278	Multiple vulnerabilities have been found in Leptonica, the worst of which could result in a Denial of Service condition.	1.79.0-1.1+deb11u1 Affected by 0 other vulnerabilities.
VCID-cbd8-jxc4-gqa8 Aliases: CVE-2018-7440	Several vulnerabilities have been found in Leptonice, the worst of which could lead to arbitrary code execution.	1.76.0-1+deb10u1 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-dprp-gc3r-6kan Aliases: CVE-2017-18196	Several vulnerabilities have been found in Leptonice, the worst of which could lead to arbitrary code execution.	1.76.0-1+deb10u1 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-kwtq-qdbw-9yh3 Aliases: CVE-2018-7442	Several vulnerabilities have been found in Leptonice, the worst of which could lead to arbitrary code execution.	1.76.0-1+deb10u1 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-u7d4-eugx-kued Aliases: CVE-2020-36279	Multiple vulnerabilities have been found in Leptonica, the worst of which could result in a Denial of Service condition.	1.79.0-1.1+deb11u1 Affected by 0 other vulnerabilities.
VCID-wfpe-6zuv-fqgt Aliases: CVE-2018-3836	An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that passes attacker data to this function to trigger this vulnerability.	1.76.0-1+deb10u1 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-xcex-ygxv-tfhf Aliases: CVE-2020-36277	Multiple vulnerabilities have been found in Leptonica, the worst of which could result in a Denial of Service condition.	1.79.0-1.1+deb11u1 Affected by 0 other vulnerabilities.
VCID-yxz3-cmwm-eugg Aliases: CVE-2020-36280	Multiple vulnerabilities have been found in Leptonica, the worst of which could result in a Denial of Service condition.	1.79.0-1.1+deb11u1 Affected by 0 other vulnerabilities.
VCID-z4gs-h9bp-fbg8 Aliases: CVE-2020-36281	Multiple vulnerabilities have been found in Leptonica, the worst of which could result in a Denial of Service condition.	1.79.0-1.1+deb11u1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T13:00:57.296271+00:00	Debian Oval Importer	Affected by	VCID-azgj-apx7-27bz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T12:30:06.730413+00:00	Debian Oval Importer	Affected by	VCID-z4gs-h9bp-fbg8	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T12:10:52.962318+00:00	Debian Oval Importer	Affected by	VCID-yxz3-cmwm-eugg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T08:08:11.523286+00:00	Debian Oval Importer	Affected by	VCID-wfpe-6zuv-fqgt	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T06:59:20.053303+00:00	Debian Oval Importer	Affected by	VCID-1e2w-tuq4-eken	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T06:25:53.021465+00:00	Debian Oval Importer	Affected by	VCID-u7d4-eugx-kued	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T06:12:45.496183+00:00	Debian Oval Importer	Affected by	VCID-2wk4-jbjc-17fa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T06:07:44.676770+00:00	Debian Oval Importer	Affected by	VCID-xcex-ygxv-tfhf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T06:00:03.053243+00:00	Debian Oval Importer	Affected by	VCID-4w3g-efaw-cyex	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T04:54:26.928368+00:00	Debian Oval Importer	Affected by	VCID-cbd8-jxc4-gqa8	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T03:55:49.827177+00:00	Debian Oval Importer	Affected by	VCID-kwtq-qdbw-9yh3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T03:02:39.585433+00:00	Debian Oval Importer	Affected by	VCID-dprp-gc3r-6kan	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T02:57:05.646840+00:00	Debian Oval Importer	Affected by	VCID-agk2-8eq8-z7cy	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0