Search for packages
| purl | pkg:conan/harfbuzz@2.9.0 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-vzcv-kms3-aaam
Aliases: CVE-2021-45931 |
HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy). |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. |
|
VCID-ys8a-mjj8-aaag
Aliases: CVE-2023-25193 |
Allocation of Resources Without Limits or Throttling hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-09-17T22:48:12.104530+00:00 | GitLab Importer | Affected by | VCID-vzcv-kms3-aaam | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/harfbuzz/CVE-2021-45931.yml | 34.0.1 |
| 2024-01-03T18:09:16.356163+00:00 | GitLab Importer | Affected by | VCID-vzcv-kms3-aaam | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/harfbuzz/CVE-2021-45931.yml | 34.0.0rc1 |