Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Freetype
(Freetype)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 92 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2017-04-14 | CVE-2016-10328 | FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c. | Freetype, Outside_in_technology | 9.8 | ||
2010-08-19 | CVE-2010-2520 | Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | Mac_os_x, Ubuntu_linux, Debian_linux, Freetype | N/A | ||
2010-08-19 | CVE-2010-2497 | Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | Mac_os_x, Debian_linux, Freetype | N/A | ||
2018-02-13 | CVE-2018-6942 | An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file. | Ubuntu_linux, Freetype | 6.5 | ||
2017-04-27 | CVE-2017-8287 | FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. | Freetype | 9.8 | ||
2017-04-24 | CVE-2017-8105 | FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. | Debian_linux, Freetype | 9.8 | ||
2017-04-14 | CVE-2017-7864 | FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c. | Freetype | 9.8 | ||
2017-04-14 | CVE-2017-7858 | FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. | Freetype | 9.8 | ||
2017-04-14 | CVE-2017-7857 | FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. | Freetype | 9.8 | ||
2017-03-06 | CVE-2016-10244 | The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file. | Debian_linux, Freetype | 7.8 |