Search for packages
| purl | pkg:deb/debian/harfbuzz@12.3.2-2?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-5xxu-cjy5-ekdd | Multiple vulnerabilities have been found in HarfBuzz, the worst of which could allow remote attackers to cause a Denial of Service condition. |
CVE-2015-8947
|
| VCID-6bw4-j3xa-d3g4 | Multiple vulnerabilities have been discovered in HarfBuzz, the worst of which could result in arbitrary code execution. |
CVE-2022-33068
|
| VCID-actq-bfzh-2kgk | Out-of-bounds Write HarfBuzz has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy). |
CVE-2021-45931
|
| VCID-q2m7-9p65-cydk | HarfBuzz is a text shaping engine. Starting with 8.5.0 through 10.0.1, there is a heap-based buffer overflow in the hb_cairo_glyphs_from_buffer function. |
CVE-2024-56732
|
| VCID-rjd7-a91f-vkhs | harfbuzz: Null Pointer Dereference in harfbuzz |
CVE-2026-22693
|
| VCID-rnfc-n53j-9yfb | Multiple vulnerabilities have been found in HarfBuzz, the worst of which could allow remote attackers to cause a Denial of Service condition. |
CVE-2016-2052
|
| VCID-t142-dym5-nqba | harfbuzz: DoS due to GPOS and GSUB table mishandling |
CVE-2015-9274
|
| VCID-zzcp-hvdf-zqgf | Allocation of Resources Without Limits or Throttling hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. |
CVE-2023-25193
|