Search for packages
Package details: pkg:deb/debian/harfbuzz@2.3.1-1
purl pkg:deb/debian/harfbuzz@2.3.1-1
Next non-vulnerable version 10.2.0-1
Latest non-vulnerable version 10.2.0-1
Risk 3.4
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-3mw2-ar52-aaam
Aliases:
CVE-2022-33068
An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
6.0.0+dfsg-3
Affected by 1 other vulnerability.
VCID-ys8a-mjj8-aaag
Aliases:
CVE-2023-25193
Allocation of Resources Without Limits or Throttling hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
8.0.1-1
Affected by 0 other vulnerabilities.
8.3.0-2
Affected by 0 other vulnerabilities.
9.0.0-1
Affected by 0 other vulnerabilities.
10.1.0-1
Affected by 0 other vulnerabilities.
10.2.0-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T23:39:00.542593+00:00 Debian Importer Affected by VCID-ys8a-mjj8-aaag https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T07:05:38.810665+00:00 Debian Importer Affected by VCID-3mw2-ar52-aaam https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T01:13:28.096741+00:00 Debian Importer Affected by VCID-ys8a-mjj8-aaag None 36.1.3
2025-06-20T21:28:53.472079+00:00 Debian Importer Affected by VCID-3mw2-ar52-aaam None 36.1.3
2025-04-05T19:08:35.772504+00:00 Debian Importer Affected by VCID-ys8a-mjj8-aaag https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-05T04:21:53.640160+00:00 Debian Importer Affected by VCID-3mw2-ar52-aaam https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-04T03:57:22.452465+00:00 Debian Importer Affected by VCID-ys8a-mjj8-aaag None 36.0.0
2025-04-04T00:06:15.965304+00:00 Debian Importer Affected by VCID-3mw2-ar52-aaam None 36.0.0
2025-02-21T09:47:20.894452+00:00 Debian Importer Affected by VCID-ys8a-mjj8-aaag https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-21T09:47:19.468638+00:00 Debian Importer Affected by VCID-ys8a-mjj8-aaag None 35.1.0
2025-02-20T22:37:12.367121+00:00 Debian Importer Affected by VCID-3mw2-ar52-aaam https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-20T22:37:11.692184+00:00 Debian Importer Affected by VCID-3mw2-ar52-aaam None 35.1.0
2024-04-26T02:07:50.474574+00:00 Debian Importer Affected by VCID-ys8a-mjj8-aaag https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-26T02:07:48.774522+00:00 Debian Importer Affected by VCID-ys8a-mjj8-aaag None 34.0.0rc4
2024-04-25T15:56:44.461520+00:00 Debian Importer Affected by VCID-3mw2-ar52-aaam https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-25T15:56:43.690330+00:00 Debian Importer Affected by VCID-3mw2-ar52-aaam None 34.0.0rc4
2024-01-12T12:06:38.533948+00:00 Debian Importer Affected by VCID-ys8a-mjj8-aaag https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-12T12:06:36.686631+00:00 Debian Importer Affected by VCID-ys8a-mjj8-aaag None 34.0.0rc2
2024-01-11T18:47:39.852280+00:00 Debian Importer Affected by VCID-3mw2-ar52-aaam https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-11T18:47:35.962969+00:00 Debian Importer Affected by VCID-3mw2-ar52-aaam None 34.0.0rc2
2024-01-05T08:08:03.305638+00:00 Debian Importer Affected by VCID-ys8a-mjj8-aaag https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-05T08:08:01.795282+00:00 Debian Importer Affected by VCID-ys8a-mjj8-aaag None 34.0.0rc1
2024-01-05T02:40:36.414768+00:00 Debian Importer Affected by VCID-3mw2-ar52-aaam https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-05T02:40:32.899715+00:00 Debian Importer Affected by VCID-3mw2-ar52-aaam None 34.0.0rc1