Medium severity6.5NVD Advisory· Published Aug 24, 2018· Updated Jun 17, 2026
CVE-2018-15120
CVE-2018-15120
Description
libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: >=1.40.8, <=1.42.3
- osv-coords3 versionspkg:rpm/opensuse/hexchat&distro=openSUSE%20Tumbleweedpkg:rpm/suse/pango&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/pango&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015
< 2.14.3-4.4+ 2 more
- (no CPE)range: < 2.14.3-4.4
- (no CPE)range: < 1.40.14-3.3.1
- (no CPE)range: < 1.40.14-3.3.1
Patches
Vulnerability mechanics
References
11- github.com/GNOME/pango/commit/71aaeaf020340412b8d012fe23a556c0420eda5fnvdPatchThird Party Advisory
- mail.gnome.org/archives/distributor-list/2018-August/msg00001.htmlnvdPatchThird Party Advisory
- 52.117.224.77/xfce4-pdos.webmnvdExploitThird Party Advisory
- www.exploit-db.com/exploits/45263nvdExploitPatchThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/45263/nvdExploitPatchThird Party AdvisoryVDB Entry
- www.ign.com/articles/2018/10/16/ps4s-are-reportedly-being-bricked-and-sony-is-working-on-a-fixnvdExploitThird Party Advisory
- github.com/GNOME/pango/blob/1.42.4/NEWSnvdRelease NotesThird Party Advisory
- i.redd.it/v7p4n2ptu0s11.jpgnvdThird Party Advisory
- security.gentoo.org/glsa/201811-07nvdThird Party Advisory
- usn.ubuntu.com/3750-1/nvdThird Party Advisory
- www.reddit.com/r/PS4/comments/9o5efg/message_bricking_console_megathread/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.