cvedb.io
CVE-2018-15120
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2018-08-24T19:29:01.657 · Last modified 2026-06-17T01:42:04.647

Summary

libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences.

Affected products

gnome — pango

Does this affect you?

Add your gear to cvedb and we'll alert you only when gnome ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.