CVE-2014-2570

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2014-2570
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2014-2570.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2014-2570
Published
2015-08-31T18:59:05Z
Modified
2024-06-30T12:51:27.852039Z
Summary
[none]
Details

Cross-site scripting (XSS) vulnerability in www/make_subset.php in PHP Font Lib before 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter.

References

Affected packages

Debian:11 / php-font-lib

Package

Name
php-font-lib
Purl
pkg:deb/debian/php-font-lib?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.3.1+dfsg-3.1
0.3.1+dfsg-4
0.5.4+dfsg-1
0.5.4+dfsg-2
0.5.4+dfsg-3
0.5.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / php-font-lib

Package

Name
php-font-lib
Purl
pkg:deb/debian/php-font-lib?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.5.4+dfsg-2
0.5.4+dfsg-3
0.5.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / php-font-lib

Package

Name
php-font-lib
Purl
pkg:deb/debian/php-font-lib?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.5.4+dfsg-2
0.5.4+dfsg-3
0.5.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}