CVE-2024-25082 Information

Description

Splinefont in FontForge through 20230101 allows command injection via crafted archives or compressed files.

Reference

https://fontforge.org/en-US/downloads/ https://github.com/fontforge/fontforge/pull/5367