CVE-2021-36081: Use After Free

July 1, 2021 (updated July 8, 2021)

Tesseract OCR has a one_ell_conflict use-after-free during a strpbrk call.

References

bugs.chromium.org/p/oss-fuzz/issues/detail?id=29698
github.com/google/oss-fuzz-vulns/blob/main/vulns/tesseract-ocr/OSV-2021-211.yaml
github.com/tesseract-ocr/tesseract/commit/e6f15621c2ab2ecbfabf656942d8ef66f03b2d55
nvd.nist.gov/vuln/detail/CVE-2021-36081

Detect and mitigate CVE-2021-36081 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →