VulnerableCode Package Details - pkg:deb/debian/harfbuzz@10.2.0-1

Search for packages

Package details: pkg:deb/debian/harfbuzz@10.2.0-1

Essentials
History (4)

purl	pkg:deb/debian/harfbuzz@10.2.0-1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-ys8a-mjj8-aaag	Allocation of Resources Without Limits or Throttling hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.	CVE-2023-25193

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-21T04:51:30.613071+00:00	Debian Importer	Fixing	VCID-ys8a-mjj8-aaag	https://security-tracker.debian.org/tracker/data/json	36.1.3
2025-06-21T01:13:28.103025+00:00	Debian Importer	Fixing	VCID-ys8a-mjj8-aaag	None	36.1.3
2025-05-31T19:20:02.401003+00:00	Debian Importer	Fixing	VCID-ys8a-mjj8-aaag	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-05-27T04:39:03.892637+00:00	Debian Importer	Fixing	VCID-ys8a-mjj8-aaag	None	36.0.0