suse · CVE-2014-1528

Quick triage

Priority: critical Published: 2021-05-30 13:19:02 UTC Updated: 2026-04-18 18:43:44 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2014-1528 severity critical: SUSE including 26 source package names (MozillaFirefox-140.2.0-160000.1.2, MozillaFirefox-50.1.0-1.1, …), 26 product×package rows across 4 product lines (SUSE Linux Enterprise Module for Desktop Applications 15, SUSE Linux Enterprise Server 16.0, openSUSE Leap 15.0, openSUSE Tumbleweed): Fixed 26.

Description:

The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element.

cvelogic Threat Intelligence