LAYER: meta
PACKAGE NAME: fontconfig
PACKAGE VERSION: 2.15.0
CVE: CVE-2016-5384
CVE STATUS: Patched
CVE SUMMARY: fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 7.8
CVSS v4 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2016-5384

LAYER: meta
PACKAGE NAME: fontconfig
PACKAGE VERSION: 2.15.0
CVE: CVE-2026-34085
CVE STATUS: Patched
CVE SUMMARY: fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.9
CVSS v4 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2026-34085