903 matches found
Graphite <=1.1.5 - Server-Side Request Forgery
Graphite's sendemail in graphite-web/webapp/graphite/composer/views.py in versions up to 1.1.5 is vulnerable to server-side request forgery SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is...
OESA-2026-2898 graphite2 security update
Graphite is a system that can be used to create “smart fonts” capable of displaying writing systems with various complex behaviors. A smart font contains not only letter shapes but also additional instructions indicating how to combine and position the letters in complex ways. Security Fixes:...
OESA-2026-2897 graphite2 security update
Graphite is a system that can be used to create “smart fonts” capable of displaying writing systems with various complex behaviors. A smart font contains not only letter shapes but also additional instructions indicating how to combine and position the letters in complex ways. Security Fixes:...
OESA-2026-2896 graphite2 security update
Graphite is a system that can be used to create “smart fonts” capable of displaying writing systems with various complex behaviors. A smart font contains not only letter shapes but also additional instructions indicating how to combine and position the letters in complex ways. Security Fixes:...
Astra Linux – Vulnerability in Chromium
The use of Graphite with free in Google Chrome before version 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...
SUSE-SU-2026:2477-1 Security update for graphite2
This update for graphite2 fixes the following issue: - CVE-2026-50593: Out-of-bounds write via Graphite actions bsc1267733...
SUSE-SU-2026:2474-1 Security update for graphite2
This update for graphite2 fixes the following issue - CVE-2026-50593: Out-of-bounds write via Graphite actions bsc1267733...
OPENSUSE-SU-2026:21124-1 Security update for graphite2
This update for graphite2 fixes the following issue - CVE-2026-50593: Out-of-bounds write via Graphite actions bsc1267733...
SUSE-SU-2026:22225-1 Security update for graphite2
This update for graphite2 fixes the following issue - CVE-2026-50593: Out-of-bounds write via Graphite actions bsc1267733...
SUSE-SU-2026:22063-1 Security update for graphite2
This update for graphite2 fixes the following issue - CVE-2026-50593: Out-of-bounds write via Graphite actions bsc1267733...
CVE-2026-50593
Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...
SUSE CVE-2026-50593
Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...
CVE-2026-50593
Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...
CVE-2026-50593
Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...
EUVD-2026-34784
Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...
CVE-2026-50593
Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...
CVE-2026-50593
Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...
CVE-2026-50593
Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...
CVE-2026-50593
Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...
CVE-2026-50593
Graphite 1.3.15 changes and the commit.