VulnerableCode Package Details - pkg:deb/debian/harfbuzz@6.0.0%2Bdfsg-3

Search for packages

Vulnerability	Summary	Fixed by
VCID-rjd7-a91f-vkhs Aliases: CVE-2026-22693	harfbuzz: Null Pointer Dereference in harfbuzz	12.3.2-2 Affected by 0 other vulnerabilities.
VCID-zzcp-hvdf-zqgf Aliases: CVE-2023-25193	Allocation of Resources Without Limits or Throttling hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.	10.2.0-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-rjd7-a91f-vkhs
Aliases:
CVE-2026-22693

harfbuzz: Null Pointer Dereference in harfbuzz

12.3.2-2
Affected by 0 other vulnerabilities.

VCID-zzcp-hvdf-zqgf
Aliases:
CVE-2023-25193

Allocation of Resources Without Limits or Throttling hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.

10.2.0-1
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
VCID-6bw4-j3xa-d3g4	Multiple vulnerabilities have been discovered in HarfBuzz, the worst of which could result in arbitrary code execution.	CVE-2022-33068

Vulnerability

Summary

Aliases

VCID-6bw4-j3xa-d3g4

Multiple vulnerabilities have been discovered in HarfBuzz, the worst of which could result in arbitrary code execution.

CVE-2022-33068

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T11:00:19.172149+00:00	Debian Importer	Affected by	VCID-zzcp-hvdf-zqgf	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:24:26.584084+00:00	Debian Importer	Fixing	VCID-6bw4-j3xa-d3g4	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:40:38.093434+00:00	Debian Importer	Affected by	VCID-rjd7-a91f-vkhs	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T07:28:07.663448+00:00	Debian Importer	Affected by	VCID-zzcp-hvdf-zqgf	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:16:44.458166+00:00	Debian Importer	Fixing	VCID-6bw4-j3xa-d3g4	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:49:58.023429+00:00	Debian Importer	Affected by	VCID-rjd7-a91f-vkhs	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-08T18:57:49.488765+00:00	Debian Importer	Affected by	VCID-zzcp-hvdf-zqgf	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-04T18:03:29.184654+00:00	Debian Importer	Fixing	VCID-6bw4-j3xa-d3g4	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-04T15:57:54.903154+00:00	Debian Importer	Affected by	VCID-rjd7-a91f-vkhs	https://security-tracker.debian.org/tracker/data/json	38.1.0