VDB
CVE-2021-36081
CVE-2021-36081
PUBLISHED
CVSS 7.800000190734863 HIGH
Tesseract OCR 5.0.0-alpha-20201231 has a one_ell_conflict use-after-free during a strpbrk call.
EPSS 0.24% · 47.7th percentile
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.24%
47.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| tesseract_ocr_project | tesseract_ocr | 5.0.0 |
| n/a | n/a | n/a |
Timeline
- Jul 1, 2021 CVE Published
- Jul 1, 2021 EPSS Score
- Jul 8, 2021 CVE Updated
- Aug 30, 2021 EPSS Score
- Oct 29, 2021 EPSS Score
- Dec 28, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 26, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 28, 2022 EPSS Score
- Jun 27, 2022 EPSS Score
- Aug 27, 2022 EPSS Score
References
- https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tesseract-ocr/OSV-2021-211.yaml url
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29698 url
- https://github.com/tesseract-ocr/tesseract/commit/e6f15621c2ab2ecbfabf656942d8ef66f03b2d55 url
- https://nvd.nist.gov/vuln/detail/CVE-2021-36081 advisory