Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
CVE-2017-7772
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-7772
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7772.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-7772
Downstream
DEBIAN-CVE-2017-7772
DLA-1007-1
DLA-1013-1
DLA-991-1
DSA-3881-1
DSA-3894-1
DSA-3918-1
RHSA-2017:1440
RHSA-2017:1561
RHSA-2017:1793
UBUNTU-CVE-2017-7772
USN-3315-1
USN-3321-1
USN-3398-1
openSUSE-SU-2017:1579-1
Related
MGASA-2017-0178
MGASA-2017-0217
openSUSE-SU-2017:1579-1
Published
2019-04-12T18:29:00Z
Modified
2025-09-19T09:08:27.340780Z
Severity
8.8 (High)
CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS Calculator
Summary
[none]
Details
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function.
References
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/
Affected packages
Git
/
github.com/silnrsi/graphite
Affected ranges
Type
GIT
Repo
https://github.com/silnrsi/graphite
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Fixed
090076bf4b07701ba2d9688c7c66349ecb28bea6
Affected versions
0.*
0.9.3
0.9.4
1.*
1.0.1
1.0.2
1.0.3
1.1.0
1.1.1
1.1.2
1.1.3
1.2.0
1.2.1
1.2.2
1.2.3
1.2.4
1.3.0
1.3.1
1.3.2
1.3.3
1.3.4
1.3.5
1.3.6
1.3.7
1.3.8
1.3.9
Release_0.*
Release_0.9
Other
base
coll_1
collisions.*
collisions.phase1
r0.*
r0.9.1
CVE-2017-7772 - OSV