Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
Off-by-one错误
Vulnerability Title
fontconfig 安全漏洞
Vulnerability Description
fontconfig是freedesktop开源的一种与字体相关的计算机程序库。 fontconfig 2.17.1之前版本存在安全漏洞,该漏洞源于sfnt能力处理期间分配存在差一错误,可能导致一字节越界写入,进而引发崩溃或代码执行。
CVSS Information
N/A
Vulnerability Type
N/A