CNNVD-202510-3232 Information

CNNVD ID

CNNVD-202510-3232

Related CVE

CVE-2025-50949

• CNNVD Published: 2025-10-23

Description (Chinese)

FontForge是fontforge开源的一款开源的支持多种语言的字体编辑工具。 FontForge v20230101版本存在安全漏洞，该漏洞源于组件DlgCreate8存在内存泄漏。

Description (English)

FontForge is an open-source multilingual font editing tool for the open-source Fontforge. Version FontForge v20230101 contains a security loophole, resulting from the memory leak of component DlgCreate8.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

fontforge

Published

2025-10-23

Last Modified

2026-02-24

References

https://github.com/fontforge/fontforge/pull/5491

Patch

https://github.com/fontforge/fontforge/releases