Your submission was sent successfully! Close

CVE-2017-7475

Published: 19 May 2017

Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.

Notes

AuthorNote
mdeslaur
as of 2020-11-26, no complete fix from upstream
rodrigo-zaiden
as of 2022-05-02, no complete fix from upstream is available.
and it seems like it was ignored and won't get a proper fix.
Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
cairo
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Deferred

cosmic Ignored
(reached end-of-life)
disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Deferred

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Deferred

precise Does not exist
(precise was needed)
trusty Does not exist
(trusty was deferred [2020-11-26])
upstream Needs triage

xenial Deferred

yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)