1 results (0.007 seconds)
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56732 – HarfBuzz heap-buffer-overflow on hb_cairo_glyphs_from_buffer
https://notcve.org/view.php?id=CVE-2024-56732
27 Dec 2024 — HarfBuzz is a text shaping engine. Starting with 8.5.0 through 10.0.1, there is a heap-based buffer overflow in the hb_cairo_glyphs_from_buffer function. It was discovered that HarfBuzz incorrectly handled certain memory operations. A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://github.com/harfbuzz/harfbuzz/commit/1767f99e2e2196c3fcae27db6d8b60098d3f6d26 • CWE-122: Heap-based Buffer Overflow •