Fluid Attacks Database

Description

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
alpine v3.17	pango	=1.24.0-r0 \|\| =1.24.1-r0 \|\| =1.24.2-r0 \|\| =1.24.4-r0 \|\| =1.24.5-r0 \|\| =1.26.0-r0 \|\| =1.26.1-r0 \|\| =1.26.2-r0 \|\| =1.26.2-r1 \|\| =1.28.0-r0 \|\| =1.28.0-r1 \|\| =1.28.1-r0 \|\| =1.28.1-r1 \|\| =1.28.1-r2 \|\| =1.28.3-r0 \|\| =1.28.3-r1 \|\| =1.28.4-r0 \|\| =1.28.4-r1 \|\| =1.28.4-r2 \|\| =1.28.4-r3 \|\| =1.28.4-r4 \|\| =1.28.4-r5 \|\| =1.29.4-r0 \|\| =1.29.4-r1 \|\| =1.30.0-r0 \|\| =1.30.1-r0 \|\| =1.32.1-r0 \|\| =1.32.1-r1 \|\| =1.32.1-r2 \|\| =1.32.2-r0 \|\| =1.32.4-r0 \|\| =1.32.5-r0 \|\| =1.34.0-r0 \|\| =1.34.1-r0 \|\| =1.35.2-r0 \|\| =1.36.0-r0 \|\| =1.36.1-r0 \|\| =1.36.2-r0 \|\| =1.36.3-r0 \|\| =1.36.5-r0 \|\| =1.36.6-r0 \|\| =1.36.8-r0 \|\| =1.36.8-r1 \|\| =1.36.8-r2 \|\| =1.38.1-r0 \|\| =1.39.0-r0 \|\| =1.40.1-r0 \|\| =1.40.1-r1 \|\| =1.40.11-r0 \|\| =1.40.12-r0 \|\| =1.40.13-r0 \|\| =1.40.14-r0 \|\| =1.40.2-r0 \|\| =1.40.3-r0 \|\| =1.40.5-r0 \|\| =1.40.6-r0 \|\| =1.42.1-r0 \|\| =1.42.4-r0 \|\| =1.42.4-r1 \|\| >=0 <1.44.1-r0	1.44.1-r0
debian 13	pango1.0	>=0 <1.42.4-7	1.42.4-7
alpine v3.19	pango	=1.24.0-r0 \|\| =1.24.1-r0 \|\| =1.24.2-r0 \|\| =1.24.4-r0 \|\| =1.24.5-r0 \|\| =1.26.0-r0 \|\| =1.26.1-r0 \|\| =1.26.2-r0 \|\| =1.26.2-r1 \|\| =1.28.0-r0 \|\| =1.28.0-r1 \|\| =1.28.1-r0 \|\| =1.28.1-r1 \|\| =1.28.1-r2 \|\| =1.28.3-r0 \|\| =1.28.3-r1 \|\| =1.28.4-r0 \|\| =1.28.4-r1 \|\| =1.28.4-r2 \|\| =1.28.4-r3 \|\| =1.28.4-r4 \|\| =1.28.4-r5 \|\| =1.29.4-r0 \|\| =1.29.4-r1 \|\| =1.30.0-r0 \|\| =1.30.1-r0 \|\| =1.32.1-r0 \|\| =1.32.1-r1 \|\| =1.32.1-r2 \|\| =1.32.2-r0 \|\| =1.32.4-r0 \|\| =1.32.5-r0 \|\| =1.34.0-r0 \|\| =1.34.1-r0 \|\| =1.35.2-r0 \|\| =1.36.0-r0 \|\| =1.36.1-r0 \|\| =1.36.2-r0 \|\| =1.36.3-r0 \|\| =1.36.5-r0 \|\| =1.36.6-r0 \|\| =1.36.8-r0 \|\| =1.36.8-r1 \|\| =1.36.8-r2 \|\| =1.38.1-r0 \|\| =1.39.0-r0 \|\| =1.40.1-r0 \|\| =1.40.1-r1 \|\| =1.40.11-r0 \|\| =1.40.12-r0 \|\| =1.40.13-r0 \|\| =1.40.14-r0 \|\| =1.40.2-r0 \|\| =1.40.3-r0 \|\| =1.40.5-r0 \|\| =1.40.6-r0 \|\| =1.42.1-r0 \|\| =1.42.4-r0 \|\| =1.42.4-r1 \|\| >=0 <1.44.1-r0	1.44.1-r0
alpine v3.22	pango	=1.24.0-r0 \|\| =1.24.1-r0 \|\| =1.24.2-r0 \|\| =1.24.4-r0 \|\| =1.24.5-r0 \|\| =1.26.0-r0 \|\| =1.26.1-r0 \|\| =1.26.2-r0 \|\| =1.26.2-r1 \|\| =1.28.0-r0 \|\| =1.28.0-r1 \|\| =1.28.1-r0 \|\| =1.28.1-r1 \|\| =1.28.1-r2 \|\| =1.28.3-r0 \|\| =1.28.3-r1 \|\| =1.28.4-r0 \|\| =1.28.4-r1 \|\| =1.28.4-r2 \|\| =1.28.4-r3 \|\| =1.28.4-r4 \|\| =1.28.4-r5 \|\| =1.29.4-r0 \|\| =1.29.4-r1 \|\| =1.30.0-r0 \|\| =1.30.1-r0 \|\| =1.32.1-r0 \|\| =1.32.1-r1 \|\| =1.32.1-r2 \|\| =1.32.2-r0 \|\| =1.32.4-r0 \|\| =1.32.5-r0 \|\| =1.34.0-r0 \|\| =1.34.1-r0 \|\| =1.35.2-r0 \|\| =1.36.0-r0 \|\| =1.36.1-r0 \|\| =1.36.2-r0 \|\| =1.36.3-r0 \|\| =1.36.5-r0 \|\| =1.36.6-r0 \|\| =1.36.8-r0 \|\| =1.36.8-r1 \|\| =1.36.8-r2 \|\| =1.38.1-r0 \|\| =1.39.0-r0 \|\| =1.40.1-r0 \|\| =1.40.1-r1 \|\| =1.40.11-r0 \|\| =1.40.12-r0 \|\| =1.40.13-r0 \|\| =1.40.14-r0 \|\| =1.40.2-r0 \|\| =1.40.3-r0 \|\| =1.40.5-r0 \|\| =1.40.6-r0 \|\| =1.42.1-r0 \|\| =1.42.4-r0 \|\| =1.42.4-r1 \|\| >=0 <1.44.1-r0	1.44.1-r0
alpine v3.10	pango	=1.24.0-r0 \|\| =1.24.1-r0 \|\| =1.24.2-r0 \|\| =1.24.4-r0 \|\| =1.24.5-r0 \|\| =1.26.0-r0 \|\| =1.26.1-r0 \|\| =1.26.2-r0 \|\| =1.26.2-r1 \|\| =1.28.0-r0 \|\| =1.28.0-r1 \|\| =1.28.1-r0 \|\| =1.28.1-r1 \|\| =1.28.1-r2 \|\| =1.28.3-r0 \|\| =1.28.3-r1 \|\| =1.28.4-r0 \|\| =1.28.4-r1 \|\| =1.28.4-r2 \|\| =1.28.4-r3 \|\| =1.28.4-r4 \|\| =1.28.4-r5 \|\| =1.29.4-r0 \|\| =1.29.4-r1 \|\| =1.30.0-r0 \|\| =1.30.1-r0 \|\| =1.32.1-r0 \|\| =1.32.1-r1 \|\| =1.32.1-r2 \|\| =1.32.2-r0 \|\| =1.32.4-r0 \|\| =1.32.5-r0 \|\| =1.34.0-r0 \|\| =1.34.1-r0 \|\| =1.35.2-r0 \|\| =1.36.0-r0 \|\| =1.36.1-r0 \|\| =1.36.2-r0 \|\| =1.36.3-r0 \|\| =1.36.5-r0 \|\| =1.36.6-r0 \|\| =1.36.8-r0 \|\| =1.36.8-r1 \|\| =1.36.8-r2 \|\| =1.38.1-r0 \|\| =1.39.0-r0 \|\| =1.40.1-r0 \|\| =1.40.1-r1 \|\| =1.40.11-r0 \|\| =1.40.12-r0 \|\| =1.40.13-r0 \|\| =1.40.14-r0 \|\| =1.40.2-r0 \|\| =1.40.3-r0 \|\| =1.40.5-r0 \|\| =1.40.6-r0 \|\| =1.42.1-r0 \|\| =1.42.4-r0 \|\| =1.42.4-r1 \|\| >=0 <1.42.4-r2	1.42.4-r2
alpine v3.11	pango	=1.24.0-r0 \|\| =1.24.1-r0 \|\| =1.24.2-r0 \|\| =1.24.4-r0 \|\| =1.24.5-r0 \|\| =1.26.0-r0 \|\| =1.26.1-r0 \|\| =1.26.2-r0 \|\| =1.26.2-r1 \|\| =1.28.0-r0 \|\| =1.28.0-r1 \|\| =1.28.1-r0 \|\| =1.28.1-r1 \|\| =1.28.1-r2 \|\| =1.28.3-r0 \|\| =1.28.3-r1 \|\| =1.28.4-r0 \|\| =1.28.4-r1 \|\| =1.28.4-r2 \|\| =1.28.4-r3 \|\| =1.28.4-r4 \|\| =1.28.4-r5 \|\| =1.29.4-r0 \|\| =1.29.4-r1 \|\| =1.30.0-r0 \|\| =1.30.1-r0 \|\| =1.32.1-r0 \|\| =1.32.1-r1 \|\| =1.32.1-r2 \|\| =1.32.2-r0 \|\| =1.32.4-r0 \|\| =1.32.5-r0 \|\| =1.34.0-r0 \|\| =1.34.1-r0 \|\| =1.35.2-r0 \|\| =1.36.0-r0 \|\| =1.36.1-r0 \|\| =1.36.2-r0 \|\| =1.36.3-r0 \|\| =1.36.5-r0 \|\| =1.36.6-r0 \|\| =1.36.8-r0 \|\| =1.36.8-r1 \|\| =1.36.8-r2 \|\| =1.38.1-r0 \|\| =1.39.0-r0 \|\| =1.40.1-r0 \|\| =1.40.1-r1 \|\| =1.40.11-r0 \|\| =1.40.12-r0 \|\| =1.40.13-r0 \|\| =1.40.14-r0 \|\| =1.40.2-r0 \|\| =1.40.3-r0 \|\| =1.40.5-r0 \|\| =1.40.6-r0 \|\| =1.42.1-r0 \|\| =1.42.4-r0 \|\| =1.42.4-r1 \|\| >=0 <1.44.1-r0	1.44.1-r0
alpine v3.12	pango	=1.24.0-r0 \|\| =1.24.1-r0 \|\| =1.24.2-r0 \|\| =1.24.4-r0 \|\| =1.24.5-r0 \|\| =1.26.0-r0 \|\| =1.26.1-r0 \|\| =1.26.2-r0 \|\| =1.26.2-r1 \|\| =1.28.0-r0 \|\| =1.28.0-r1 \|\| =1.28.1-r0 \|\| =1.28.1-r1 \|\| =1.28.1-r2 \|\| =1.28.3-r0 \|\| =1.28.3-r1 \|\| =1.28.4-r0 \|\| =1.28.4-r1 \|\| =1.28.4-r2 \|\| =1.28.4-r3 \|\| =1.28.4-r4 \|\| =1.28.4-r5 \|\| =1.29.4-r0 \|\| =1.29.4-r1 \|\| =1.30.0-r0 \|\| =1.30.1-r0 \|\| =1.32.1-r0 \|\| =1.32.1-r1 \|\| =1.32.1-r2 \|\| =1.32.2-r0 \|\| =1.32.4-r0 \|\| =1.32.5-r0 \|\| =1.34.0-r0 \|\| =1.34.1-r0 \|\| =1.35.2-r0 \|\| =1.36.0-r0 \|\| =1.36.1-r0 \|\| =1.36.2-r0 \|\| =1.36.3-r0 \|\| =1.36.5-r0 \|\| =1.36.6-r0 \|\| =1.36.8-r0 \|\| =1.36.8-r1 \|\| =1.36.8-r2 \|\| =1.38.1-r0 \|\| =1.39.0-r0 \|\| =1.40.1-r0 \|\| =1.40.1-r1 \|\| =1.40.11-r0 \|\| =1.40.12-r0 \|\| =1.40.13-r0 \|\| =1.40.14-r0 \|\| =1.40.2-r0 \|\| =1.40.3-r0 \|\| =1.40.5-r0 \|\| =1.40.6-r0 \|\| =1.42.1-r0 \|\| =1.42.4-r0 \|\| =1.42.4-r1 \|\| >=0 <1.44.1-r0	1.44.1-r0
alpine v3.20	pango	=1.24.0-r0 \|\| =1.24.1-r0 \|\| =1.24.2-r0 \|\| =1.24.4-r0 \|\| =1.24.5-r0 \|\| =1.26.0-r0 \|\| =1.26.1-r0 \|\| =1.26.2-r0 \|\| =1.26.2-r1 \|\| =1.28.0-r0 \|\| =1.28.0-r1 \|\| =1.28.1-r0 \|\| =1.28.1-r1 \|\| =1.28.1-r2 \|\| =1.28.3-r0 \|\| =1.28.3-r1 \|\| =1.28.4-r0 \|\| =1.28.4-r1 \|\| =1.28.4-r2 \|\| =1.28.4-r3 \|\| =1.28.4-r4 \|\| =1.28.4-r5 \|\| =1.29.4-r0 \|\| =1.29.4-r1 \|\| =1.30.0-r0 \|\| =1.30.1-r0 \|\| =1.32.1-r0 \|\| =1.32.1-r1 \|\| =1.32.1-r2 \|\| =1.32.2-r0 \|\| =1.32.4-r0 \|\| =1.32.5-r0 \|\| =1.34.0-r0 \|\| =1.34.1-r0 \|\| =1.35.2-r0 \|\| =1.36.0-r0 \|\| =1.36.1-r0 \|\| =1.36.2-r0 \|\| =1.36.3-r0 \|\| =1.36.5-r0 \|\| =1.36.6-r0 \|\| =1.36.8-r0 \|\| =1.36.8-r1 \|\| =1.36.8-r2 \|\| =1.38.1-r0 \|\| =1.39.0-r0 \|\| =1.40.1-r0 \|\| =1.40.1-r1 \|\| =1.40.11-r0 \|\| =1.40.12-r0 \|\| =1.40.13-r0 \|\| =1.40.14-r0 \|\| =1.40.2-r0 \|\| =1.40.3-r0 \|\| =1.40.5-r0 \|\| =1.40.6-r0 \|\| =1.42.1-r0 \|\| =1.42.4-r0 \|\| =1.42.4-r1 \|\| >=0 <1.44.1-r0	1.44.1-r0
alpine v3.21	pango	=1.24.0-r0 \|\| =1.24.1-r0 \|\| =1.24.2-r0 \|\| =1.24.4-r0 \|\| =1.24.5-r0 \|\| =1.26.0-r0 \|\| =1.26.1-r0 \|\| =1.26.2-r0 \|\| =1.26.2-r1 \|\| =1.28.0-r0 \|\| =1.28.0-r1 \|\| =1.28.1-r0 \|\| =1.28.1-r1 \|\| =1.28.1-r2 \|\| =1.28.3-r0 \|\| =1.28.3-r1 \|\| =1.28.4-r0 \|\| =1.28.4-r1 \|\| =1.28.4-r2 \|\| =1.28.4-r3 \|\| =1.28.4-r4 \|\| =1.28.4-r5 \|\| =1.29.4-r0 \|\| =1.29.4-r1 \|\| =1.30.0-r0 \|\| =1.30.1-r0 \|\| =1.32.1-r0 \|\| =1.32.1-r1 \|\| =1.32.1-r2 \|\| =1.32.2-r0 \|\| =1.32.4-r0 \|\| =1.32.5-r0 \|\| =1.34.0-r0 \|\| =1.34.1-r0 \|\| =1.35.2-r0 \|\| =1.36.0-r0 \|\| =1.36.1-r0 \|\| =1.36.2-r0 \|\| =1.36.3-r0 \|\| =1.36.5-r0 \|\| =1.36.6-r0 \|\| =1.36.8-r0 \|\| =1.36.8-r1 \|\| =1.36.8-r2 \|\| =1.38.1-r0 \|\| =1.39.0-r0 \|\| =1.40.1-r0 \|\| =1.40.1-r1 \|\| =1.40.11-r0 \|\| =1.40.12-r0 \|\| =1.40.13-r0 \|\| =1.40.14-r0 \|\| =1.40.2-r0 \|\| =1.40.3-r0 \|\| =1.40.5-r0 \|\| =1.40.6-r0 \|\| =1.42.1-r0 \|\| =1.42.4-r0 \|\| =1.42.4-r1 \|\| >=0 <1.44.1-r0	1.44.1-r0
alpine v3.13	pango	=1.24.0-r0 \|\| =1.24.1-r0 \|\| =1.24.2-r0 \|\| =1.24.4-r0 \|\| =1.24.5-r0 \|\| =1.26.0-r0 \|\| =1.26.1-r0 \|\| =1.26.2-r0 \|\| =1.26.2-r1 \|\| =1.28.0-r0 \|\| =1.28.0-r1 \|\| =1.28.1-r0 \|\| =1.28.1-r1 \|\| =1.28.1-r2 \|\| =1.28.3-r0 \|\| =1.28.3-r1 \|\| =1.28.4-r0 \|\| =1.28.4-r1 \|\| =1.28.4-r2 \|\| =1.28.4-r3 \|\| =1.28.4-r4 \|\| =1.28.4-r5 \|\| =1.29.4-r0 \|\| =1.29.4-r1 \|\| =1.30.0-r0 \|\| =1.30.1-r0 \|\| =1.32.1-r0 \|\| =1.32.1-r1 \|\| =1.32.1-r2 \|\| =1.32.2-r0 \|\| =1.32.4-r0 \|\| =1.32.5-r0 \|\| =1.34.0-r0 \|\| =1.34.1-r0 \|\| =1.35.2-r0 \|\| =1.36.0-r0 \|\| =1.36.1-r0 \|\| =1.36.2-r0 \|\| =1.36.3-r0 \|\| =1.36.5-r0 \|\| =1.36.6-r0 \|\| =1.36.8-r0 \|\| =1.36.8-r1 \|\| =1.36.8-r2 \|\| =1.38.1-r0 \|\| =1.39.0-r0 \|\| =1.40.1-r0 \|\| =1.40.1-r1 \|\| =1.40.11-r0 \|\| =1.40.12-r0 \|\| =1.40.13-r0 \|\| =1.40.14-r0 \|\| =1.40.2-r0 \|\| =1.40.3-r0 \|\| =1.40.5-r0 \|\| =1.40.6-r0 \|\| =1.42.1-r0 \|\| =1.42.4-r0 \|\| =1.42.4-r1 \|\| >=0 <1.44.1-r0	1.44.1-r0

1-10 of 22

Aliases

1. CVE-2019-10102382. NVD-2019-10102383. OSV-ALPINE-2019-10102384. OSV-2019-10102385. OSV-DEBIAN-2019-10102386. SECURITY-CVE-2019-10102387. SECURITY-TRACKER-CVE-2019-1010238

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.