Search for packages
| purl | pkg:deb/debian/harfbuzz@2.7.4-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-6bw4-j3xa-d3g4
Aliases: CVE-2022-33068 |
Multiple vulnerabilities have been discovered in HarfBuzz, the worst of which could result in arbitrary code execution. |
Affected by 0 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-rjd7-a91f-vkhs
Aliases: CVE-2026-22693 |
harfbuzz: Null Pointer Dereference in harfbuzz |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-zzcp-hvdf-zqgf
Aliases: CVE-2023-25193 |
Allocation of Resources Without Limits or Throttling hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-5xxu-cjy5-ekdd | Multiple vulnerabilities have been found in HarfBuzz, the worst of which could allow remote attackers to cause a Denial of Service condition. |
CVE-2015-8947
|
| VCID-actq-bfzh-2kgk | Out-of-bounds Write HarfBuzz has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy). |
CVE-2021-45931
|
| VCID-q2m7-9p65-cydk | HarfBuzz is a text shaping engine. Starting with 8.5.0 through 10.0.1, there is a heap-based buffer overflow in the hb_cairo_glyphs_from_buffer function. |
CVE-2024-56732
|
| VCID-rnfc-n53j-9yfb | Multiple vulnerabilities have been found in HarfBuzz, the worst of which could allow remote attackers to cause a Denial of Service condition. |
CVE-2016-2052
|
| VCID-t142-dym5-nqba | harfbuzz: DoS due to GPOS and GSUB table mishandling |
CVE-2015-9274
|