38 matches found
BIT-JRE-2023-25193
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...
PT-2026-38795
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...
BIT-JAVA-MIN-2023-25193
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...
BIT-JAVA-2023-25193
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...
PT-2026-37774
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...
PT-2026-37981
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...
MiracleLinux 7 : harfbuzz-1.7.5-2.0.1.el7.AXS7 (AXSA:2024-8760:03)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8760:03 advisory. CVE-2023-25193: optimize looking back for base glyphs in hb-ot-layout-gsubgpos-private.hh CVEs: CVE-2023-25193 hb-ot-layout-gsubgpos.hh in HarfBuzz through...
JLSEC-2025-175 hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via con...
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...
CLSA-2025-1745945560 harfbuzz: Fix of CVE-2023-25193
CVE-2023-25193: fix On^2 growth triggered by consecutive marks during mark attachment...
Medium: harfbuzz
Issue Overview: hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks. CVE-2023-25193 Affected Packages: harfbuzz Note: This advisory is applicable to Amazon Linux 2...
harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks
A vulnerability was found HarfBuzz. This flaw allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...
harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks
A vulnerability was found HarfBuzz. This flaw allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...
BIT-GITLAB-2020-26414
An issue has been discovered in GitLab affecting all versions starting from 12.4. The regex used for package names is written in a way that makes execution time have quadratic growth based on the length of the malicious input string...
harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks
A vulnerability was found HarfBuzz. This flaw allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...
harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks
A vulnerability was found HarfBuzz. This flaw allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...
harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks
A vulnerability was found HarfBuzz. This flaw allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...
harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks
A vulnerability was found HarfBuzz. This flaw allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...
harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks
A vulnerability was found HarfBuzz. This flaw allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...
harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks
A vulnerability was found HarfBuzz. This flaw allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...
harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks
A vulnerability was found HarfBuzz. This flaw allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...