695 matches found
CVE-2026-0943
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...
CVE-2026-0943
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...
UBUNTU-CVE-2026-0943
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...
CVE-2026-0943
The CVE-2026-0943 entry concerns HarfBuzz::Shaper (Perl) with a bundled HarfBuzz library. Versions before 0.032 include HarfBuzz 8.4.0 or earlier in hb_src.tar.gz, which is affected by CVE-2026-22693 due to a null pointer dereference in a subtable cache (SubtableUnicodesCache::create). The vulner...
CVE-2026-0943
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...
CVE-2026-0943
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...
CVE-2026-0943 HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...
CVE-2026-0943 HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...
PT-2026-3420
Name of the Vulnerable Software and Affected Versions HarfBuzz::Shaper versions prior to 0.032 Description HarfBuzz::Shaper versions before 0.032 include a bundled library with a null pointer dereference issue. The vulnerable component is HarfBuzz 8.4.0 or earlier, packaged as hb src.tar.gz withi...
harfbuzz-devel-12.3.0-2.1 on GA media (moderate)
harfbuzz-devel-12.3.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10065-1 Rating: moderate Cross-References: CVE-2026-22693 CVSS scores: CVE-2026-22693 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-22693 SUSE : 6.9...
MetaCPAN HarfBuzz::Shaper security vulnerability
MetaCPAN HarfBuzz::Shaper is an interface extension module of the MetaCPAN Foundation. Versions of MetaCPAN HarfBuzz::Shaper prior to 0.032 contained a security vulnerability. This vulnerability stemmed from null pointer dereferencing in the bundled libraries, which could lead to null pointer...
CVE-2026-0943
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...
Fedora: Security Advisory (FEDORA-2026-b38fe572ef)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2026:10065-1 harfbuzz-devel-12.3.0-2.1 on GA media
These are all security issues fixed in the harfbuzz-devel-12.3.0-2.1 package on the GA media of openSUSE Tumbleweed...
[SECURITY] Fedora 43 Update: harfbuzz-11.5.1-2.fc43
HarfBuzz is an implementation of the OpenType Layout engine...
Fedora 43 : harfbuzz (2026-b38fe572ef)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b38fe572ef advisory. Backport security fix for CVE-2026-22693 fix RHBZ2429288 Tenable has extracted the preceding description block directly from the Fedora security advisory. No...
CVE-2026-22693
A null pointer dereference vector has been discovered in the harfbuzz package. A null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh:1672-1673. The function fails to check if hbmalloc returns NULL before using placement ne...
SUSE CVE-2026-22693
HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hbmalloc returns NULL before using placement new to construct an object at t...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the SubtableUnicodesCache::create function when memory allocation fails and the return value is not checked before object construction. An attacker can cause a segmentation fault and crash the process by...
CVE-2026-22693
HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hbmalloc returns NULL before using placement new to construct an object at t...