CVE-2026-0943

HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...

CVE-2026-0943

HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...

Linux Distros Unpatched Vulnerability : CVE-2026-22693

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function locate...

Advisory ROSA-SA-2025-2803

Software: harfbuzz 1.7.5 OS: ROSA Virtualization 3.0 packageevrstring: harfbuzz-1.7.5-4.rv30 CVE-ID: CVE-2023-25193 BDU-ID: 2023-06149 CVE-Crit: HIGH CVE-DESC.: Vulnerability in the hb-ot-layout-gsubgpos.hh component of the Harfbuzz text conversion library is related to unrestricted resource...

java-11-openjdk security and bug fix update

1:11.0.20.0.8-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:11.0.20.0.8-2 - Bump release number so we are newer than 9.0 - Related: rhbz2221106 1:11.0.20.0.8-1 - Update to jdk-11.0.20.0+8 GA - Update release notes to 11.0.20.0+8 - Drop local inclusion of JDK-8274864 & JDK-8305113 as they a...

UBUNTU-CVE-2022-33068

An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service DoS via unspecified vectors...