Nixpkgs security tracker
Permalink
CVE-2026-34085
5.9 MEDIUM
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Local (L)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): Low (L)
- Integrity (I): Low (L)
- Availability (A): Low (L)
- Modified Attack Vector (MAV): Local (L)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): Low (L)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): Low (L)
- Modified Availability (MA): Low (L)
by @LeSuisse Activity log
- Created suggestion
-
@LeSuisse
ignored
5 packages
- ocamlPackages.fontconfig
- ocamlPackages_latest.fontconfig
- python312Packages.python-fontconfig
- python313Packages.python-fontconfig
- python314Packages.python-fontconfig
- @LeSuisse dismissed
fontconfig before 2.17.1 has an off-by-one error in allocation during …
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c.
References
Affected products
fontconfig
- <2.17.1
Matching in nixpkgs
Ignored packages (5)
pkgs.ocamlPackages.fontconfig
Fontconfig bindings for OCaml
-
nixos-unstable 2013-11-03
- nixpkgs-unstable 2013-11-03
- nixos-unstable-small 2013-11-03
-
nixos-25.11 2013-11-03
- nixos-25.11-small 2013-11-03
- nixpkgs-25.11-darwin 2013-11-03
pkgs.ocamlPackages_latest.fontconfig
Fontconfig bindings for OCaml
-
nixos-unstable 2013-11-03
- nixpkgs-unstable 2013-11-03
- nixos-unstable-small 2013-11-03
pkgs.python312Packages.python-fontconfig
Python binding for Fontconfig
pkgs.python313Packages.python-fontconfig
Python binding for Fontconfig
pkgs.python314Packages.python-fontconfig
Python binding for Fontconfig
Package maintainers
-
@jtojnar Jan Tojnar <jtojnar@gmail.com>