cbcvebase.
CVE-2017-7771
published 2019-04-15

CVE-2017-7771: Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function.

high8.1CVSS 3.0
AVNACLPRNUIRSUCHINAH
Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function.

Affected

14 ranges
VendorProductVersion rangeFixed in
debianfirefox< firefox 54.0-1 (sid)firefox 54.0-1 (sid)
debianfirefox-esr< firefox 54.0-1 (sid)firefox 54.0-1 (sid)
debiangraphite2< firefox 54.0-1 (sid)firefox 54.0-1 (sid)
mozillafirefox< 54.054.0
mozillafirefox
mozillafirefox>= 0 < 54.0+build3-0ubuntu0.14.04.154.0+build3-0ubuntu0.14.04.1
mozillafirefox>= 0 < 54.0+build3-0ubuntu0.16.04.154.0+build3-0ubuntu0.16.04.1
mozillathunderbird>= 0 < 1:52.2.1+build1-0ubuntu0.14.04.11:52.2.1+build1-0ubuntu0.14.04.1
mozillathunderbird>= 0 < 1:52.2.1+build1-0ubuntu0.16.04.11:52.2.1+build1-0ubuntu0.16.04.1
silgraphite2< 1.3.101.3.10
silgraphite2>= 0 < 1.3.10-11.3.10-1
silgraphite2>= 0 < 1.3.10-11.3.10-1
silgraphite2>= 0 < 1.3.10-11.3.10-1
silgraphite2>= 0 < 1.3.10-11.3.10-1

CVSS provenance

nvdv3.08.1HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
osv9.8CRITICAL