hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows...
High severity
Unreviewed
Published
Feb 4, 2023
to the GitHub Advisory Database
•
Updated Jul 25, 2023
Description
Published by the National Vulnerability Database
Feb 4, 2023
Published to the GitHub Advisory Database
Feb 4, 2023
Last updated
Jul 25, 2023
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
References