CVE-2019-19308

In texttoglyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section (due to a g_strconcat call that returns NULL).

References

Affected packages

Git / github.com/gnome/gnome-font-viewer

Affected ranges

Type

GIT

Repo

https://github.com/gnome/gnome-font-viewer

Events

Introduced

Last affected

f8c6054ea0c0a9586e1a5c0e6460a4c0168c38af

Database specific

{
    "cpe": "cpe:2.3:a:gnome:gnome-font-viewer:3.34.0:*:*:*:*:*:*:*",
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.34.0"
        }
    ]
}

Affected versions

3.*

3.10.0

3.12.0

3.13.90

3.14.0

3.15.90

3.16.0

3.16.2

3.20.0

3.20.2

3.22.0

3.23.91

3.24.0

3.25.90

3.26.0

3.27.0

3.27.90

3.28.0

3.3.2

3.3.2.1

3.3.92

3.30.0

3.32.0

3.33.4

3.33.90

3.34.0

3.4.0

3.5.1

3.5.2

3.5.3

3.5.4

3.5.90

3.5.91

3.5.92

3.6.0

3.8.0

3.9.90

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-19308.json"