Описание
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
A vulnerability was found HarfBuzz. This flaw allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat build of OpenJDK 1.8 | Linux | Not affected | ||
| Red Hat build of OpenJDK 1.8 | Windows | Not affected | ||
| Red Hat Enterprise Linux 6 | java-1.6.0-openjdk | Not affected | ||
| Red Hat Enterprise Linux 6 | java-1.7.0-openjdk | Not affected | ||
| Red Hat Enterprise Linux 6 | java-1.8.0-openjdk | Not affected | ||
| Red Hat Enterprise Linux 7 | firefox | Not affected | ||
| Red Hat Enterprise Linux 7 | harfbuzz | Out of support scope | ||
| Red Hat Enterprise Linux 7 | java-1.6.0-openjdk | Not affected | ||
| Red Hat Enterprise Linux 7 | java-1.7.0-openjdk | Not affected | ||
| Red Hat Enterprise Linux 7 | java-1.8.0-openjdk | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to ...
EPSS
7.5 High
CVSS3