CVE-2024-25081 | FontForge up to 20230101 Splinefont command injection

Posted by Angelo Barbosa | Feb 26, 2024 | CVE

A vulnerability has been found in FontForge up to 20230101 and classified as critical. This vulnerability affects unknown code of the component Splinefont. The manipulation leads to command injection.

This vulnerability was named CVE-2024-25081. The attack needs to be done within the local network. There is no exploit available.

CVE-2024-25081 | FontForge up to 20230101 Splinefont command injection

Related Posts

CVE-2024-28338 | Totolink A8000RU 7.1cu.643_B20200521 improper authentication

CVE-2024-22025 | Node.js up to 18.19.0/20.11.0/21.6.1 Brotli fetch resource consumption

CVE-2021-22509 | OpenText NetIQ Advance Authentication up to 6.3.5.0 cleartext storage

CVE-2024-24565 | CrateDB 5.3.9/5.4.8/5.5.4/5.6.1 COPY FROM path traversal (GHSA-475g-vj6c-xf96)