vulnerability

Red Hat: CVE-2024-25081: fontforge: command injection via crafted filenames (Multiple Advisories)

Try Surface Command
Back to search
Severity
4
CVSS
(AV:L/AC:H/Au:S/C:P/I:P/A:P)
Published
02/26/2024
Added
07/03/2024
Modified
11/13/2024

Description

Splinefont in FontForge through 20230101 allows command injection via crafted filenames.

Solution(s)

redhat-upgrade-fontforgeredhat-upgrade-fontforge-debuginforedhat-upgrade-fontforge-debugsource

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today