Search for packages
| purl | pkg:deb/ubuntu/harfbuzz@0.9.18-3 |
| Next non-vulnerable version | 1.7.2-1ubuntu1 |
| Latest non-vulnerable version | 1.7.2-1ubuntu1 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-5jvr-vkuy-aaak
Aliases: CVE-2015-8947 |
hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data, a different vulnerability than CVE-2016-2052. |
Affected by 2 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-6vn4-qb8q-aaag
Aliases: CVE-2016-2052 |
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947. |
Affected by 1 other vulnerability. |
|
VCID-zzvd-9m2y-aaaa
Aliases: CVE-2015-9274 |
HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|