HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy).
References
Configurations
History
07 Nov 2023, 03:39
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
28 Oct 2022, 12:54
Type | Values Removed | Values Added |
---|---|---|
References | (GENTOO) https://security.gentoo.org/glsa/202209-11 - Third Party Advisory |
25 Sep 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Feb 2022, 14:52
Type | Values Removed | Values Added |
---|---|---|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EAIZKL4O67FN2CWJYHYKZEMNYWNWO3D/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5A7TCR2MY46YK3NHQZB3SLESUH354IEA/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DI6247WOAKB46CZZ6SCDSJVWWCW3GMZH/ - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* |
|
First Time |
Fedoraproject fedora
Fedoraproject |
22 Jan 2022, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 Jan 2022, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
11 Jan 2022, 20:10
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/harfbuzz/harfbuzz/commit/d3e09bf4654fe5478b6dbf2b26ebab6271317d81 - Patch, Third Party Advisory | |
References | (MISC) https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37425 - Exploit, Issue Tracking, Third Party Advisory | |
References | (MISC) https://github.com/google/oss-fuzz-vulns/blob/main/vulns/harfbuzz/OSV-2021-1159.yaml - Exploit, Third Party Advisory | |
CWE | CWE-787 | |
First Time |
Harfbuzz Project
Harfbuzz Project harfbuzz |
|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.5 |
CPE | cpe:2.3:a:harfbuzz_project:harfbuzz:2.9.0:*:*:*:*:*:*:* |
01 Jan 2022, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-01-01 01:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-45931
Mitre link : CVE-2021-45931
CVE.ORG link : CVE-2021-45931
JSON object : View
Products Affected
fedoraproject
- fedora
harfbuzz_project
- harfbuzz
CWE
CWE-787
Out-of-bounds Write