CNNVD-202510-3238 Information

CNNVD ID

CNNVD-202510-3238

Related CVE

CVE-2025-50951

• CNNVD Published: 2025-10-23

Description (Chinese)

FontForge是fontforge开源的一款开源的支持多种语言的字体编辑工具。 v20230101版本存在安全漏洞，该漏洞源于utf7toutf8_copy函数存在内存泄漏。

Description (English)

FontForge is an open-source multilingual font editing tool for the open-source Fontforge. Version v20230101 contains a security loophole, which originates from a memory leak in the utf7toutf8 copy function.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

fontforge

Published

2025-10-23

Last Modified

2026-02-24

References

https://github.com/fontforge/fontforge/pull/5495

Patch

https://github.com/fontforge/fontforge/releases