{"id":"CVE-2018-7186","details":"Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and ptaReadStream functions.","modified":"2026-04-16T06:17:10.174216128Z","published":"2018-02-16T16:29:00.160Z","related":["openSUSE-SU-2024:10914-1"],"references":[{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202312-01"},{"type":"ADVISORY","url":"https://bugs.debian.org/890548"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/03/msg00005.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts/2018/02/msg00054.html"},{"type":"FIX","url":"https://github.com/DanBloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/danbloomberg/leptonica","events":[{"introduced":"0"},{"fixed":"ee301cb2029db8a6289c5295daa42bba7715e99a"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.75.3"}]}}],"versions":["1.74.0","1.74.1","1.74.2","1.74.3","1.74.4","1.75.0","1.75.1","1.75.2","v1.42","v1.44","v1.46","v1.48","v1.50","v1.52","v1.54","v1.56","v1.58","v1.60","v1.61","v1.62","v1.63","v1.64","v1.65","v1.66","v1.67","v1.68","v1.69","v1.70","v1.71","v1.72","v1.73","v1.74.3"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"7.0"}]}],"vanir_signatures_modified":"2026-04-11T14:11:08Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-7186.json","vanir_signatures":[{"digest":{"length":1372,"function_hash":"72901858897126593855299117018148104585"},"signature_type":"Function","deprecated":false,"source":"https://github.com/danbloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a","target":{"file":"src/sel1.c","function":"selReadStream"},"id":"CVE
-2018-7186-06427cab","signature_version":"v1"},{"digest":{"function_hash":"26348781678140270596513729884518874524","length":2736},"signature_type":"Function","deprecated":false,"source":"https://github.com/danbloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a","target":{"file":"src/gplot.c","function":"gplotGenCommandFile"},"id":"CVE-2018-7186-28b37a95","signature_version":"v1"},{"digest":{"line_hashes":[],"threshold":0.9},"signature_type":"Line","signature_version":"v1","source":"https://github.com/danbloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a","id":"CVE-2018-7186-547758bb","target":{"file":"src/gplot.c"},"deprecated":false},{"digest":{"length":2349,"function_hash":"228767576558608563469183557305534530044"},"signature_type":"Function","signature_version":"v1","source":"https://github.com/danbloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a","id":"CVE-
2018-7186-624ed5ef","target":{"file":"src/gplot.c","function":"gplotRead"},"deprecated":false},{"digest":{"line_hashes":[],"threshold":0.9},"signature_type":"Line","target":{"file":"prog/xtractprotos.c"},"source":"https://github.com/danbloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a","signature_version":"v1","id":"CVE-2018-7186-67215d67","deprecated":false},{"digest":{"length":1596,"function_hash":"39759221095779243032995483396788941120"},"signature_type":"Function","id":"CVE-2018-7186-6f218437","source":"https://github.com/danbloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a","deprecated":false,"target":{"file":"src/gplot.c","function":"gplotCreate"},"signature_version":"v1"},{"digest":{"length":561,"function_hash":"89329184580638123227786052434713226028"},"signature_type":"Function","i
d":"CVE-2018-7186-73b114d5","source":"https://github.com/danbloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a","deprecated":false,"target":{"file":"src/gplot.c","function":"gplotMakeOutput"},"signature_version":"v1"},{"digest":{"line_hashes":[],"threshold":0.9},"signature_type":"Line","deprecated":false,"source":"https://github.com/danbloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a","target":{"file":"src/sel1.c"},"id":"CVE-2018-7186-7861821c","signature_version":"v1"},{"digest":{"length":929,"function_hash":"144899473942999376600979275877573187478"},"signature_type":"Function","id":"CVE-2018-7186-7bf40b8c","source":"https:/
/github.com/danbloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a","deprecated":false,"target":{"file":"src/sel1.c","function":"selaGetCombName"},"signature_version":"v1"},{"digest":{"line_hashes":["127932947341318238134487749027762621651","22188915029771426100631568254696222952","26057017426134700816552384853525552766","171900439920977457937997587163542902243","206183842423117450405405830173924617653","328472349080507654916228673275706001509","305204332718852913511156779632445051105","188721363758398209909867872293615825493"],"threshold":0.9},"signature_type":"Line","signature_version":"v1","source":"https://github.com/danbloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a","id":"CVE-2018-7186-8da7ee8c","target":{"file":"src/ptabasic.c"},"deprecated":false},{"digest":{"length":1286,"function_hash":"332966477342756968958379675085858856412"},"signature_type":"Function","deprecated":false,"source":"https://github.com/danbloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a","target":{"file":"src/ptabasic.c","function":"ptaReadStream"},"id":"CVE-2018-7186-8e711f6c","signature_version":"v1"},{"digest":{"length":3822,"function_hash":"48077564995220450002928084320370870099"},"signature_type":"Function","target":{"file":"prog/xtractprotos.c","function":"main"},"source":"https://github.com/danbloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a","signature_version":"v1","id":"CVE-2018-7186-a58eeace","deprecated":false},{"digest":{"length":1621,"function_hash":"180532145496727040081836365742811745793"},"signature_type":"Function","deprecated":false,"source":"https://github.com/danbloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a","target":{"file":"src/gplot.c","function":"gplotAddPlot"},"id":"CVE-2018-7186-ace5b581","signature_version":"v1"},{"digest":{"length":1008,"function_hash":"48562018067124088157409492466368639317"},"signature_type":"Function","target":{"file":"src/sel1.c","function":"sela
ComputeCompositeParameters"},"source":"https://github.com/danbloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a","signature_version":"v1","id":"CVE-2018-7186-b95ead0a","deprecated":false}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}