← Back

CVE-2025-50951

nvd nist
Published: Oct 23, 2025Modified: Oct 27, 2025

JSON object

Loading...
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 2.8 / Impact: 3.6
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

FontForge v20230101 was discovered to contain a memory leak via the utf7toutf8_copy function at /fontforge/sfd.c.

Affected (1)

Products: Fontforge: Fontforge
Fontforge
1 product
Fontforge
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Fontforge
Version 2023-01-01

Related CWEs

CWE-401
Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (1)

Source: cve@mitre.org
Patch

Timeline

No history available yet.