exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2025-66034

2 месяца назад

fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib (or python3 -m fontTools.varLib) script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace file is processed. The vulnerability affects the main() code path of fontTools.varLib, used by the fonttools varLib CLI and any code that invokes fontTools.varLib.main(). This issue has been patched in version 4.60.2.

CVSS3: 6.3

EPSS: Низкий

CVE-2025-66034

2 месяца назад

fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib (or python3 -m fontTools.varLib) script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace file is processed. The vulnerability affects the main() code path of fontTools.varLib, used by the fonttools varLib CLI and any code that invokes fontTools.varLib.main(). This issue has been patched in version 4.60.2.

CVSS3: 6.3

EPSS: Низкий

CVE-2025-66034

2 месяца назад

fontTools is a library for manipulating fonts, written in Python. In v ...

CVSS3: 6.3

EPSS: Низкий

openSUSE-SU-2026:20119-1

12 дней назад

Security update for python-FontTools

EPSS: Низкий

SUSE-SU-2026:0199-1

19 дней назад

Security update for python-FontTools

EPSS: Низкий

GHSA-768j-98cg-p3fv

2 месяца назад

fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib

CVSS3: 6.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-66034 fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib (or python3 -m fontTools.varLib) script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace file is processed. The vulnerability affects the main() code path of fontTools.varLib, used by the fonttools varLib CLI and any code that invokes fontTools.varLib.main(). This issue has been patched in version 4.60.2.	CVSS3: 6.3	0% Низкий	2 месяца назад
CVE-2025-66034 fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib (or python3 -m fontTools.varLib) script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace file is processed. The vulnerability affects the main() code path of fontTools.varLib, used by the fonttools varLib CLI and any code that invokes fontTools.varLib.main(). This issue has been patched in version 4.60.2.	CVSS3: 6.3	0% Низкий	2 месяца назад
CVE-2025-66034 fontTools is a library for manipulating fonts, written in Python. In v ...	CVSS3: 6.3	0% Низкий	2 месяца назад
openSUSE-SU-2026:20119-1 Security update for python-FontTools		0% Низкий	12 дней назад
SUSE-SU-2026:0199-1 Security update for python-FontTools		0% Низкий	19 дней назад
GHSA-768j-98cg-p3fv fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib	CVSS3: 6.3	0% Низкий	2 месяца назад

Уязвимостей на страницу