rpm package
suse/fontconfig&distro=SUSE Linux Enterprise Server 12 SP1
pkg:rpm/suse/fontconfig&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-5384 | Hig | 7.8 | < 2.11.0-6.1 | 2.11.0-6.1 | Aug 13, 2016 | fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file. |
- affected < 2.11.0-6.1fixed 2.11.0-6.1
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.