CVE-2017-7475

Publication date 19 May 2017

Last updated 11 July 2025

Ubuntu priority

Cvss 3 Severity Score

Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.

Show unmaintained releases

Package	Ubuntu Release	Status
cairo	25.10 questing	Vulnerable, fix deferred
	25.04 plucky	Vulnerable, fix deferred
	24.10 oracular	Ignored end of life, was deferred
	24.04 LTS noble	Vulnerable, fix deferred
	23.10 mantic	Ignored end of life, was deferred
	23.04 lunar	Ignored end of life, was deferred
	22.10 kinetic	Ignored end of life, was deferred
	22.04 LTS jammy	Vulnerable, fix deferred
	21.10 impish	Ignored end of life
	21.04 hirsute	Ignored end of life
	20.10 groovy	Ignored end of life
	20.04 LTS focal	Vulnerable, fix deferred
	19.10 eoan	Ignored end of life
	19.04 disco	Ignored end of life
	18.10 cosmic	Ignored end of life
	18.04 LTS bionic	Vulnerable, fix deferred
	17.10 artful	Ignored end of life
	17.04 zesty	Ignored end of life
	16.10 yakkety	Ignored end of life
	16.04 LTS xenial	Vulnerable, fix deferred
	14.04 LTS trusty	Not in release
	12.04 LTS precise	Ignored end of life

as of 2020-11-26, no complete fix from upstream

as of 2022-05-02, no complete fix from upstream is available. and it seems like it was ignored and won’t get a proper fix.