Vulnerabilities > Harfbuzz Project > Harfbuzz > 4.3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-04 | CVE-2023-25193 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. | 7.5 |
| 2022-06-23 | CVE-2022-33068 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors. | 5.5 |