AZL-54704

See a problem?
Import Source
https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-54704.json
JSON Data
https://api.osv.dev/v1/vulns/AZL-54704
Upstream
Published
2024-12-27T20:15:23Z
Modified
2026-04-21T04:35:40.725280Z
Summary
CVE-2024-56732 affecting package harfbuzz for versions less than 8.3.0-3
Details

HarfBuzz is a text shaping engine. Starting with 8.5.0 through 10.0.1, there is a heap-based buffer overflow in the hbcairoglyphsfrombuffer function.

References

Affected packages

Azure Linux:3 / harfbuzz

Package

Name
harfbuzz
Purl
pkg:rpm/azure-linux/harfbuzz

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.3.0-3

Database specific

source 
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-54704.json"