High
CVSS 8.8
Overview
HarfBuzz is a text shaping engine. Starting with 8.5.0 through 10.0.1, there is a heap-based buffer overflow in the hb_cairo_glyphs_from_buffer function.
CVE-2024-56732
HarfBuzz is a text shaping engine. Starting with 8.5.0 through 10.0.1, there is ...
Risk analysis
This vulnerability is rated 🟠 HIGH.
- CVSS: 8.8 (HIGH)
- Detected tags: none (tag impact: LOW)
Recommended actions:
- Prioritize remediation based on business criticality and exposure.
- Limit exposure and increase monitoring until fixed.