Lucene search
PRIOn knowledge basePRION:CVE-2023-25193HistoryFeb 04, 2023 - 8:15 p.m.
Code injection
2023-02-0420:15:00
PRIOn knowledge base
www.prio-n.com
9
code injection
harfbuzz
vulnerability
o(n^2) growth
marks
base glyphs
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
References
chromium.googlesource.com/chromium/src/+/e1f324aa681af54101c1f2d173d92adb80e37088/DEPS
github.com/harfbuzz/harfbuzz/blob/2822b589bc837fae6f66233e2cf2eef0f6ce8470/src/hb-ot-layout-gsubgpos.hh
github.com/harfbuzz/harfbuzz/commit/85be877925ddbf34f74a1229f3ca1716bb6170dc
lists.fedoraproject.org/archives/list/[email protected]/message/KWCHWSICWVZSAXP2YAXM65JC2GR53547/
lists.fedoraproject.org/archives/list/[email protected]/message/YZ5M2GSAIHFPLHYJXUPQ2QDJCLWXUGO3/
security.netapp.com/advisory/ntap-20230725-0006/
Related
nessus
nessus
Oracle Linux 9 : harfbuzz (ELSA-2024-2410)
2024-05-06 00:00:00
Fedora 38 : cairo / freetype / harfbuzz / qt6-qtwebengine (2023-a48406ecd2)
2023-03-14 00:00:00
EulerOS 2.0 SP5 : harfbuzz (EulerOS-SA-2024-1142)
2024-02-08 00:00:00
redos
redos
ROS-20240329-19
2024-03-29 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: cairo-1.17.8-2.fc38
2023-03-14 03:31:48
[SECURITY] Fedora 38 Update: harfbuzz-7.0.1-2.fc38
2023-03-14 03:31:51
[SECURITY] Fedora 38 Update: freetype-2.13.0-2.fc38
2023-03-14 03:31:50
f5
f5
K000135674 : HarfBuzz vulnerability CVE-2023-25193
2023-07-31 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for harfbuzz (EulerOS-SA-2024-1142)
2024-02-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:1822-1)
2023-05-05 00:00:00
Huawei EulerOS: Security Advisory for harfbuzz (EulerOS-SA-2023-2270)
2023-07-04 00:00:00
oraclelinux
oraclelinux
harfbuzz security update
2024-05-23 00:00:00
harfbuzz security update
2024-05-02 00:00:00
java-11-openjdk security and bug fix update
2023-07-21 00:00:00
osv
osv
Moderate: harfbuzz security update
2024-05-22 00:00:00
CVE-2023-25193
2023-02-04 20:15:08
Moderate: harfbuzz security update
2024-04-30 00:00:00
nvd
nvd
CVE-2023-25193
2023-02-04 20:15:08
cbl_mariner
cbl_mariner
CVE-2023-25193 affecting package mozjs60 60.9.0-13
2024-07-03 03:08:33
CVE-2023-25193 affecting package harfbuzz 2.6.4-4
2023-03-16 03:40:02
CVE-2023-25193 affecting package harfbuzz for versions less than 3.4.0-3
2023-03-09 00:24:20
alpinelinux
alpinelinux
CVE-2023-25193
2023-02-04 20:15:08
cvelist
cvelist
CVE-2023-25193
2023-02-04 00:00:00
ubuntucve
ubuntucve
CVE-2023-25193
2023-02-04 00:00:00
cve
cve
CVE-2023-25193
2023-02-04 20:15:08
redhatcve
redhatcve
CVE-2023-25193
2023-02-06 04:26:12
redhat
redhat
(RHSA-2024:2410) Moderate: harfbuzz security update
2024-04-30 06:15:38
(RHSA-2024:2980) Moderate: harfbuzz security update
2024-05-22 06:35:15
(RHSA-2023:4233) Moderate: java-11-openjdk security and bug fix update
2023-07-20 12:24:12
veracode
veracode
Denial Of Service (DoS)
2023-02-09 17:06:41
almalinux
almalinux
Moderate: harfbuzz security update
2024-04-30 00:00:00
Moderate: harfbuzz security update
2024-05-22 00:00:00
Moderate: java-11-openjdk security and bug fix update
2023-07-20 00:00:00
debiancve
debiancve
CVE-2023-25193
2023-02-04 20:15:08
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0339
2023-02-23 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0538
2023-02-26 00:00:00
ibm
ibm
amazon
amazon
Medium: java-11-amazon-corretto
2023-07-17 17:39:00
Medium: java-17-amazon-corretto
2023-07-17 17:39:00
Important: thunderbird
2023-03-02 22:36:00
ubuntu
ubuntu
OpenJDK regression
2023-08-30 00:00:00
OpenJDK vulnerabilities
2023-08-01 00:00:00
OpenJDK 20 vulnerabilities
2023-08-03 00:00:00
kaspersky
kaspersky
KLA51006 Multiple vulnerabilities in Oracle Java SE and GraalVM
2023-07-18 00:00:00
mageia
mageia
Updated java packages fix security vulnerabilities
2023-09-30 22:15:40
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00