CVE-2024-25081 Information

Description

Splinefont in FontForge through 20230101 allows command injection via crafted filenames.

Reference

https://fontforge.org/en-US/downloads/ https://github.com/fontforge/fontforge/pull/5367