VDB
GCVE-110-MAGEIA-2016-77
GCVE-110-MAGEIA-2016-77
Advisory Published
Multiple vulnerabilities in the graphite2 font library can result in
information disclosure, denial-of-service (application crashes), or code
execution via out-of-bounds reads, a NULL pointer dereference, and a
heap-based buffer overflow (CVE-2016-1521, CVE-2016-1522, CVE-2016-1523,
CVE-2016-1526).
Firefox includes a bundled copy of the graphite2 library, which has been
updated in Firefox ESR 38.6.1.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | firefox-l10n | 0 (affected), 38.6.1-1.mga5 (unaffected), 38.6.1-1.mga5 (unaffected), 0 (affected) | — |
| Mageia | isodumper | 0 (affected), 0.47-1.mga5 (unaffected) | — |
| Mageia | graphite2 | 0 (affected), 0 (affected), 1.3.5-1.mga5 (unaffected), 1.3.5-1.mga5 (unaffected) | — |
| Mageia | firefox | 0 (affected), 38.6.1-1.mga5 (unaffected), 0 (affected), 38.6.1-1.mga5 (unaffected) | — |
References
Browse GCVE Records
72,337 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.