6 results (0.008 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-25193 – harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks

https://notcve.org/view.php?id=CVE-2023-25193

hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. A vulnerability was found HarfBuzz. This flaw allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. • https://chromium.googlesource.com/chromium/src/+/e1f324aa681af54101c1f2d173d92adb80e37088/DEPS#361 https://github.com/harfbuzz/harfbuzz/blob/2822b589bc837fae6f66233e2cf2eef0f6ce8470/src/hb-ot-layout-gsubgpos.hh https://github.com/harfbuzz/harfbuzz/commit/85be877925ddbf34f74a1229f3ca1716bb6170dc https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWCHWSICWVZSAXP2YAXM65JC2GR53547 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZ5M2GSAIHFPLHYJXUPQ2QDJCLWXUGO3 https://security.netapp • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1

CVE-2022-33068 – harfbuzz: integer overflow in the component hb-ot-shape-fallback.cc

https://notcve.org/view.php?id=CVE-2022-33068

An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors. Un desbordamiento de enteros en el componente hb-ot-shape-fallback.cc de Harfbuzz versión v4.3.0, permite a atacantes causar una Denegación de Servicio (DoS) por medio de vectores no especificados A vulnerability found in harfbuzz. An integer overflow in the hb-ot-shape-fallback.cc component allows attackers to cause a denial of service (DoS) via unspecified vectors. • https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593 https://github.com/harfbuzz/harfbuzz/issues/3557 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI https://security.gentoo.org/glsa/202209-11 https • CWE-190: Integer Overflow or Wraparound •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2

CVE-2021-45931

https://notcve.org/view.php?id=CVE-2021-45931

HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy). HarfBuzz versión 2.9.0, presenta una escritura fuera de límites en la función hb_bit_set_invertible_t::set (llamada desde hb_sparseset_t(hb_bit_set_invertible_t)::set y hb_set_copy). • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37425 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/harfbuzz/OSV-2021-1159.yaml https://github.com/harfbuzz/harfbuzz/commit/d3e09bf4654fe5478b6dbf2b26ebab6271317d81 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EAIZKL4O67FN2CWJYHYKZEMNYWNWO3D https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5A7TCR2MY46YK3NHQZB3SLESUH354IEA https://lists.fedoraproject.org/archives/list/package-anno • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-9274

https://notcve.org/view.php?id=CVE-2015-9274

HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh. HarfBuzz en versiones anteriores a la 1.0.4 permite que atacantes remotos provoquen una denegación de servicio (lectura inválida de dos bytes y cierre inesperado de la aplicación) debido a la mala gestión de las tablas GPOS y GSUB. Esto está relacionado con hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh y hb-ot-layout-gsubgpos-private.hh. • https://github.com/harfbuzz/harfbuzz/commit/c917965b9e6fe2b21ed6c51559673288fa3af4b7 • CWE-125: Out-of-bounds Read •

CVSS: 7.6EPSS: 3%CPEs: 1EXPL: 0

CVE-2015-8947 – chromium-browser: Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6

https://notcve.org/view.php?id=CVE-2015-8947

hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data, a different vulnerability than CVE-2016-2052. Un desbordamiento de buffer en el comando FTP list (ls) en IIS permite a atacantes remotos provocar una denegación de servicio y, en algunos casos, ejecutar comandos arbitrarios. • http://lists.opensuse.org/opensuse-updates/2016-08/msg00070.html http://rhn.redhat.com/errata/RHSA-2016-0072.html http://www.securityfocus.com/bid/92039 http://www.ubuntu.com/usn/USN-3067-1 https://github.com/behdad/harfbuzz/commit/f96664974774bfeb237a7274f512f64aaafb201e https://github.com/behdad/harfbuzz/issues/139#issuecomment-146984679 https://lists.debian.org/debian-lts-announce/2019/12/msg00022.html https://security.gentoo.org/glsa/201701-76 https://access.redhat.com/security/cve/C • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •