Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Freetype
(Freetype)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 92 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-11-03 | CVE-2020-15999 | Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Freetype, Chrome, Backports_sle | 6.5 | ||
2017-04-14 | CVE-2017-7857 | FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. | Freetype | 9.8 | ||
2017-04-14 | CVE-2017-7858 | FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. | Freetype | 9.8 | ||
2022-04-22 | CVE-2022-27404 | FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face. | Fedora, Freetype | 9.8 | ||
2022-04-22 | CVE-2022-27405 | FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request. | Fedora, Freetype | 7.5 | ||
2022-04-22 | CVE-2022-27406 | FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size. | Fedora, Freetype | 7.5 | ||
2006-05-23 | CVE-2006-1861 | Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493. | Freetype | N/A | ||
2019-07-30 | CVE-2015-9290 | In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again. | Freetype | 9.8 | ||
2019-09-03 | CVE-2015-9383 | FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c. | Ubuntu_linux, Debian_linux, Freetype | 6.5 | ||
2007-05-17 | CVE-2007-2754 | Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow. | Freetype | N/A |