Fedora 43 : fontforge (2026-4f7402837e)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4f7402837e advisory. Resolves: CVE-2025-15270 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested fo...

Fedora 42 : fontforge (2026-3dbd8c4b89)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3dbd8c4b89 advisory. Resolves: CVE-2025-15270 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested fo...

Important: fontforge

Issue Overview: FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the...

MiracleLinux 7 : fontforge-20120731b-13.el7 (AXSA:2020-749:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-749:01 advisory. fontforge: out-of-bounds write in SFDGetFontMetaData function in sfd.c CVE-2020-5395 Tenable has extracted the preceding description block directly from the...

SUSE-SU-2020:3628-1 Security update for fontforge

This update for fontforge fixes the following issues: - fix for Use-after-free heap in the SFDGetFontMetaData function and the crash bsc1178308 CVE-2020-25690...

Amazon Linux 2 : fontforge (ALAS-2020-1514)

The version of fontforge installed on the remote host is prior to 20120731b-13. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1514 advisory. An out-of-bounds write was discovered in fontforge while parsing SFD files containing very large LayerCount tokens. The flaw...