VulnerableCode Package Details - pkg:deb/debian/harfbuzz@1.4.2-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-5jvr-vkuy-aaak	hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data, a different vulnerability than CVE-2016-2052.	CVE-2015-8947
VCID-6vn4-qb8q-aaag	Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947.	CVE-2016-2052
VCID-zzvd-9m2y-aaaa	HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh.	CVE-2015-9274

Vulnerability

Summary

Aliases

VCID-5jvr-vkuy-aaak

hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data, a different vulnerability than CVE-2016-2052.

CVE-2015-8947

VCID-6vn4-qb8q-aaag

Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947.

CVE-2016-2052

VCID-zzvd-9m2y-aaaa

HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh.

CVE-2015-9274

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-21T16:28:02.962360+00:00	Debian Oval Importer	Fixing	VCID-6vn4-qb8q-aaag	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-21T16:26:44.529997+00:00	Debian Oval Importer	Fixing	VCID-zzvd-9m2y-aaaa	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-21T11:52:59.707111+00:00	Debian Oval Importer	Fixing	VCID-5jvr-vkuy-aaak	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-21T00:24:48.690786+00:00	Debian Oval Importer	Fixing	VCID-5jvr-vkuy-aaak	None	36.1.3
2025-06-20T23:23:13.387561+00:00	Debian Oval Importer	Fixing	VCID-6vn4-qb8q-aaag	None	36.1.3
2025-06-20T23:22:03.294162+00:00	Debian Oval Importer	Fixing	VCID-zzvd-9m2y-aaaa	None	36.1.3
2025-06-08T12:55:31.451391+00:00	Debian Oval Importer	Fixing	VCID-zzvd-9m2y-aaaa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.0
2025-06-08T12:46:31.222035+00:00	Debian Oval Importer	Fixing	VCID-5jvr-vkuy-aaak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.0
2025-06-08T09:13:57.608096+00:00	Debian Oval Importer	Fixing	VCID-6vn4-qb8q-aaag	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-08T09:12:39.186285+00:00	Debian Oval Importer	Fixing	VCID-zzvd-9m2y-aaaa	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-08T05:05:51.166683+00:00	Debian Oval Importer	Fixing	VCID-5jvr-vkuy-aaak	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-07T17:47:36.246877+00:00	Debian Oval Importer	Fixing	VCID-5jvr-vkuy-aaak	None	36.1.0
2025-06-07T16:46:07.191417+00:00	Debian Oval Importer	Fixing	VCID-6vn4-qb8q-aaag	None	36.1.0
2025-06-07T16:44:58.632789+00:00	Debian Oval Importer	Fixing	VCID-zzvd-9m2y-aaaa	None	36.1.0
2025-04-12T21:15:22.766925+00:00	Debian Oval Importer	Fixing	VCID-6vn4-qb8q-aaag	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T18:42:45.315728+00:00	Debian Oval Importer	Fixing	VCID-zzvd-9m2y-aaaa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T18:33:25.381022+00:00	Debian Oval Importer	Fixing	VCID-5jvr-vkuy-aaak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-08T07:45:55.453214+00:00	Debian Oval Importer	Fixing	VCID-6vn4-qb8q-aaag	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-08T07:44:35.033070+00:00	Debian Oval Importer	Fixing	VCID-zzvd-9m2y-aaaa	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-08T03:36:46.229415+00:00	Debian Oval Importer	Fixing	VCID-5jvr-vkuy-aaak	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-07T16:24:04.282378+00:00	Debian Oval Importer	Fixing	VCID-5jvr-vkuy-aaak	None	36.0.0
2025-04-07T15:18:43.990408+00:00	Debian Oval Importer	Fixing	VCID-6vn4-qb8q-aaag	None	36.0.0
2025-04-07T15:17:31.928256+00:00	Debian Oval Importer	Fixing	VCID-zzvd-9m2y-aaaa	None	36.0.0