rpm package
opensuse/fontforge&distro=openSUSE Leap 16.0
pkg:rpm/opensuse/fontforge&distro=openSUSE%20Leap%2016.0
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-15279 | — | < 20251009-160000.1.1 | 20251009-160000.1.1 | Dec 31, 2025 | FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the ta | ||
| CVE-2025-15275 | — | < 20251009-160000.1.1 | 20251009-160000.1.1 | Dec 31, 2025 | FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target mu | ||
| CVE-2025-15270 | — | < 20251009-160000.2.1 | 20251009-160000.2.1 | Dec 31, 2025 | FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the t | ||
| CVE-2025-15269 | — | < 20251009-160000.1.1 | 20251009-160000.1.1 | Dec 31, 2025 | FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a m | ||
| CVE-2025-50949 | — | < 20230101-160000.3.1 | 20230101-160000.3.1 | Oct 23, 2025 | FontForge v20230101 was discovered to contain a memory leak via the component DlgCreate8. |
- CVE-2025-15279Dec 31, 2025affected < 20251009-160000.1.1fixed 20251009-160000.1.1
FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the ta
- CVE-2025-15275Dec 31, 2025affected < 20251009-160000.1.1fixed 20251009-160000.1.1
FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target mu
- CVE-2025-15270Dec 31, 2025affected < 20251009-160000.2.1fixed 20251009-160000.2.1
FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the t
- CVE-2025-15269Dec 31, 2025affected < 20251009-160000.1.1fixed 20251009-160000.1.1
FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a m
- CVE-2025-50949Oct 23, 2025affected < 20230101-160000.3.1fixed 20230101-160000.3.1
FontForge v20230101 was discovered to contain a memory leak via the component DlgCreate8.