VulnerableCode Package Details - pkg:deb/debian/pango1.0@1.42.4-8~deb10u1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-aptq-9f59-aaad	libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences.	CVE-2018-15120
VCID-n7rw-hr3g-aaap	Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.	CVE-2019-1010238

Vulnerability

Summary

Aliases

VCID-aptq-9f59-aaad

libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences.

CVE-2018-15120

VCID-n7rw-hr3g-aaap

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.

CVE-2019-1010238

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-21T18:02:49.955807+00:00	Debian Oval Importer	Fixing	VCID-aptq-9f59-aaad	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-21T12:14:03.316292+00:00	Debian Oval Importer	Fixing	VCID-n7rw-hr3g-aaap	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-20T23:31:05.878398+00:00	Debian Oval Importer	Fixing	VCID-aptq-9f59-aaad	None	36.1.3
2025-06-20T22:09:25.861524+00:00	Debian Oval Importer	Fixing	VCID-n7rw-hr3g-aaap	None	36.1.3
2025-06-08T10:34:30.765271+00:00	Debian Oval Importer	Fixing	VCID-aptq-9f59-aaad	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-08T05:19:03.575170+00:00	Debian Oval Importer	Fixing	VCID-n7rw-hr3g-aaap	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-07T16:54:00.963495+00:00	Debian Oval Importer	Fixing	VCID-aptq-9f59-aaad	None	36.1.0
2025-06-07T15:33:25.597741+00:00	Debian Oval Importer	Fixing	VCID-n7rw-hr3g-aaap	None	36.1.0
2025-04-12T19:25:43.355034+00:00	Debian Oval Importer	Fixing	VCID-aptq-9f59-aaad	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T19:22:04.982942+00:00	Debian Oval Importer	Fixing	VCID-n7rw-hr3g-aaap	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T16:15:55.096406+00:00	Debian Oval Importer	Fixing	VCID-aptq-9f59-aaad	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-08T03:50:07.092682+00:00	Debian Oval Importer	Fixing	VCID-n7rw-hr3g-aaap	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-07T15:26:58.310215+00:00	Debian Oval Importer	Fixing	VCID-aptq-9f59-aaad	None	36.0.0
2025-04-07T14:04:23.672594+00:00	Debian Oval Importer	Fixing	VCID-n7rw-hr3g-aaap	None	36.0.0