Lucene search
UbuntuUSN-6856-1HistoryJun 27, 2024 - 12:00 a.m.
FontForge vulnerabilities
2024-06-2700:00:00
ubuntu.com
Releases
- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 ESM
- Ubuntu 16.04 ESM
Packages
- fontforge - Free (libre) font editor for Windows, Mac OS X and GNU+Linux
Details
It was discovered that FontForge incorrectly handled filenames. If a user or an
automated system were tricked into opening a specially crafted input file, a
remote attacker could possibly use this issue to perform a command injection.
(CVE-2024-25081)
It was discovered that FontForge incorrectly handled archives and compressed
files. If a user or an automated system were tricked into opening a specially
crafted input file, a remote attacker could possibly use this issue to perform
command injection. (CVE-2024-25082)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 23.10 | noarch | fontforge | < 1:20230101~dfsg-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | fontforge-common | < 1:20230101~dfsg-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | fontforge-dbgsym | < 1:20230101~dfsg-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | fontforge-doc | < 1:20230101~dfsg-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | fontforge-extras | < 1:20230101~dfsg-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | fontforge-extras-dbgsym | < 1:20230101~dfsg-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | fontforge-nox | < 1:20230101~dfsg-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | fontforge-nox-dbgsym | < 1:20230101~dfsg-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | libfontforge4 | < 1:20230101~dfsg-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | libfontforge4-dbgsym | < 1:20230101~dfsg-1ubuntu0.1 | UNKNOWN |
Related
osv
osv
fontforge vulnerabilities
2024-06-27 09:52:34
fontforge - security update
2024-03-19 00:00:00
fontforge - security update
2024-03-08 00:00:00
nessus
nessus
SUSE SLES12 Security Update : fontforge (SUSE-SU-2024:0863-1)
2024-03-15 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : FontForge vulnerabilities (USN-6856-1)
2024-06-27 00:00:00
Amazon Linux 2023 : fontforge, fontforge-devel (ALAS2023-2024-565)
2024-03-21 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: fontforge-20230101-11.fc40
2024-03-23 00:44:37
openvas
openvas
Fedora: Security Advisory for fontforge (FEDORA-2024-e01ef71e64)
2024-03-25 00:00:00
Debian: Security Advisory (DSA-5641-1)
2024-03-20 00:00:00
Mageia: Security Advisory (MGASA-2024-0082)
2024-04-05 00:00:00
debian
debian
[SECURITY] [DSA 5641-1] fontforge security update
2024-03-19 20:51:37
[SECURITY] [DLA 3754-1] fontforge security update
2024-03-07 23:12:06
mageia
mageia
Updated fontforge packages fix security vulnerabilities
2024-03-22 03:19:51
amazon
amazon
Medium: fontforge
2024-03-13 20:26:00
ubuntucve
ubuntucve
CVE-2024-25082
2024-02-26 00:00:00
CVE-2024-25081
2024-02-26 00:00:00
veracode
veracode
Command Injection
2024-03-13 15:31:42
Command Injection
2024-03-13 15:31:24
nvd
nvd
CVE-2024-25082
2024-02-26 16:27:58
CVE-2024-25081
2024-02-26 16:27:58
prion
prion
Command injection
2024-02-26 16:27:00
Command injection
2024-02-26 16:27:00
redhatcve
redhatcve
CVE-2024-25081
2024-02-26 22:02:07
CVE-2024-25082
2024-02-26 22:02:16
debiancve
debiancve
CVE-2024-25082
2024-02-26 16:27:58
CVE-2024-25081
2024-02-26 16:27:58
cvelist
cvelist
CVE-2024-25081
2024-02-26 00:00:00
CVE-2024-25082
2024-02-26 00:00:00
cve
cve
CVE-2024-25081
2024-02-26 16:27:58
CVE-2024-25082
2024-02-26 16:27:58