hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
References
Configurations
History
07 Nov 2023, 04:08
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
25 Jul 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2023-02-04 20:15
Updated : 2024-02-28 19:51
NVD link : CVE-2023-25193
Mitre link : CVE-2023-25193
CVE.ORG link : CVE-2023-25193
JSON object : View
Products Affected
fedoraproject
- fedora
harfbuzz_project
- harfbuzz
CWE
CWE-770
Allocation of Resources Without Limits or Throttling