Sign In

CVE-2026-34085

ADVISORY - nist

Summary

fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c.

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-193

Off-by-one Error

ADVISORY - redhat

CWE-193

Off-by-one Error

Impacted images

Advisories
Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in