Known Vulnerabilities for products from Fontconfig Project
Listed below are 2 of the newest known vulnerabilities associated with the vendor "Fontconfig Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34085 json | fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-... | Not Provided | 2026-03-25 | 2026-05-12 |
| CVE-2016-5384 json | fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently... | Not Provided | 2016-08-13 | 2026-05-06 |
Known software with vulnerabilities from Fontconfig Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Fontconfig Project | Fontconfig | 2.12 |