Harfbuzzproject Harfbuzz
By the Year
In 2024 there have been 0 vulnerabilities in Harfbuzzproject Harfbuzz . Last year Harfbuzz had 1 security vulnerability published. Right now, Harfbuzz is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 1 | 7.50 |
2022 | 2 | 6.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Harfbuzz vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Harfbuzzproject Harfbuzz Security Vulnerabilities
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0
CVE-2023-25193
7.5 - High
- February 04, 2023
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
Allocation of Resources Without Limits or Throttling
An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0
CVE-2022-33068
5.5 - Medium
- June 23, 2022
An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
Integer Overflow or Wraparound
HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called
CVE-2021-45931
6.5 - Medium
- January 01, 2022
HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy).
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Fedora Project Fedora or by Harfbuzzproject? Click the Watch button to subscribe.