CVE-2024-25081
Published: 26 February 2024
Splinefont in FontForge through 20230101 allows command injection via crafted filenames.
Priority
Status
Package | Release | Status |
---|---|---|
fontforge Launchpad, Ubuntu, Debian |
bionic |
Released
(1:20170731~dfsg-1ubuntu0.1~esm1)
Available with Ubuntu Pro |
focal |
Released
(1:20190801~dfsg-4ubuntu0.1)
|
|
jammy |
Released
(1:20201107~dfsg-4+deb11u1build0.22.04.1)
|
|
mantic |
Released
(1:20230101~dfsg-1ubuntu0.1)
|
|
noble |
Not vulnerable
(1:20230101~dfsg-1.1build1)
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Released
|
|
xenial |
Released
(20120731.b-7.1ubuntu0.1+esm1)
Available with Ubuntu Pro |