Msrc Cbl2 Harfbuzz 3.4.0-3 On Cbl Mariner 2.0 vulnerabilities
2 known vulnerabilities affecting msrc/cbl2_harfbuzz_3.4.0-3_on_cbl_mariner_2.0.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2026-22693MEDIUMCVSS 5.32026-01-13
CVE-2026-22693 [MEDIUM] CWE-476 Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS
Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS
Mariner: Mariner
GitHub_M: GitHub_M
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
msrc
CVE-2023-25193HIGHCVSS 7.52023-02-14
CVE-2023-25193 [HIGH] CWE-770 hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is
msrc