CVE-2018-25279
Received Received - Intake
Buffer Overflow in jiNa OCR 1.0 Causes Denial of Service

Publication date: 2026-04-26

Last updated on: 2026-04-26

Assigner: VulnCheck

Description
jiNa OCR Image to Text 1.0 contains a denial of service vulnerability that allows local attackers to crash the application by processing a malformed PNG file. Attackers can create a specially crafted PNG file with an oversized buffer and trigger the crash when the application attempts to convert the file to PDF.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-26
Last Modified
2026-04-26
Generated
2026-06-16
AI Q&A
2026-04-27
EPSS Evaluated
2026-06-15
NVD
CVE-2018-25279
EUVD
EUVD-2018-21799
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
jina ocr_image_to_text 1.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-789 The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability exists in jiNa OCR Image to Text 1.0 and is a denial of service issue. It allows local attackers to crash the application by processing a specially crafted PNG file. This malformed PNG file contains an oversized buffer that triggers the crash when the application attempts to convert the file to PDF.

Impact Analysis

This vulnerability can impact you by causing the jiNa OCR Image to Text application to crash, resulting in a denial of service. This means the application becomes unavailable or unusable when processing a maliciously crafted PNG file, potentially disrupting workflows that rely on this software.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2018-25279. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart