6 matches found
Amazon Linux 2022 : harfbuzz, harfbuzz-devel, harfbuzz-icu (ALAS2022-2022-027)
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-027 advisory. HarfBuzz 2.9.0 has an out-of-bounds write in hbbitsetinvertiblet::set called from hbsparsesett::set and hbsetcopy. CVE-2021-45931 Tenable has extracted the preceding description block directly from the...
Medium: harfbuzz
Issue Overview: HarfBuzz 2.9.0 has an out-of-bounds write in hbbitsetinvertiblet::set called from hbsparsesett::set and hbsetcopy. CVE-2021-45931 Affected Packages: harfbuzz Issue Correction: Run dnf update harfbuzz --releasever 2023.0.20230322 or dnf update --advisory ALAS2023-2023-036...
Amazon Linux 2023 : harfbuzz, harfbuzz-devel, harfbuzz-icu (ALAS2023-2023-036)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-036 advisory. HarfBuzz 2.9.0 has an out-of-bounds write in hbbitsetinvertiblet::set called from hbsparsesett::set and hbsetcopy. CVE-2021-45931 Tenable has extracted the preceding description block directly from the...
GLSA-202209-11 : HarfBuzz: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202209-11 HarfBuzz: Multiple vulnerabilities - HarfBuzz 2.9.0 has an out-of-bounds write in hbbitsetinvertiblet::set called from hbsparsesett::set and hbsetcopy. CVE-2021-45931 - An integer overflow in the component...
CVE-2021-45931
An out-of-bounds write flaw was found in HarfBuzz, arising from a boundary error in the hbbitsetinvertiblet::set function when processing untrusted input. This flaw allows an attacker to create a specially crafted file, convince the victim to open it, and trigger an out-of-bounds write. In some...
CVE-2021-45931
CVE-2021-45931 affects HarfBuzz 2.9.0, with an out-of-bounds write in hb_bit_set_invertible_t::set called from hb_sparseset_t::set and hb_set_copy. Exploitation details are not provided in the initial description. Public references (ALAS2022/ALAS2023) indicate updates to HarfBuzz (e.g., 2.9.1) an...