CVE-2020-36277 — CyberEdge

Do I need to act?

~

4.0% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

-

Not on CISA KEV list

No confirmed active exploitation reported to CISA

?

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

7

CVSS 7.5/10 High

NETWORK / LOW complexity

Leptonica

Fedora

Debian Linux

Debian Fedoraproject Leptonica

Exploit https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21997

Patch https://github.com/DanBloomberg/leptonica/compare/1.79.0...1.80.0

Patch https://github.com/DanBloomberg/leptonica/pull/499

Mailing List https://lists.debian.org/debian-lts-announce/2021/03/msg00037.html

Third Party Advisory https://security.gentoo.org/glsa/202107-53

Exploit https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21997

Patch https://github.com/DanBloomberg/leptonica/compare/1.79.0...1.80.0

Patch https://github.com/DanBloomberg/leptonica/pull/499

Mailing List https://lists.debian.org/debian-lts-announce/2021/03/msg00037.html

Third Party Advisory https://security.gentoo.org/glsa/202107-53