Search for packages
| purl | pkg:conan/harfbuzz@4.3.0 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3mw2-ar52-aaam
Aliases: CVE-2022-33068 |
An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors. |
Affected by 1 other vulnerability. |
|
VCID-ys8a-mjj8-aaag
Aliases: CVE-2023-25193 |
Allocation of Resources Without Limits or Throttling hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-09-17T22:48:12.163279+00:00 | GitLab Importer | Affected by | VCID-3mw2-ar52-aaam | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/harfbuzz/CVE-2022-33068.yml | 34.0.1 |
| 2024-01-03T18:09:16.426641+00:00 | GitLab Importer | Affected by | VCID-3mw2-ar52-aaam | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/harfbuzz/CVE-2022-33068.yml | 34.0.0rc1 |