CVE-2024-25082

MEDIUM6.5EPSS 1.6%
Published: 2/26/2024Modified: 4/28/2026

Description

Splinefont in FontForge through 20230101 allows command injection via crafted archives or compressed files.

Affected packages (1)

CVSS scores

SourceVersionSeverityVector
osvCVSS 3.1MEDIUM6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

References (1)