Note:
This project will be discontinued after December 13, 2021. [more]
2019-04-15
Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor.
| Products | Firefox, Graphite2 |
| Type | Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) |
| First patch | - None (likely due to unavailable code) |
| Links | https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/ |