Product:

Freetype

(Freetype)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 92
Date Id Summary Products Score Patch Annotated
2017-04-14 CVE-2016-10328 FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c. Freetype, Outside_in_technology 9.8
2010-08-19 CVE-2010-2520 Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. Mac_os_x, Ubuntu_linux, Debian_linux, Freetype N/A
2010-08-19 CVE-2010-2497 Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. Mac_os_x, Debian_linux, Freetype N/A
2018-02-13 CVE-2018-6942 An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file. Ubuntu_linux, Freetype 6.5
2017-04-27 CVE-2017-8287 FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. Freetype 9.8
2017-04-24 CVE-2017-8105 FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. Debian_linux, Freetype 9.8
2017-04-14 CVE-2017-7864 FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c. Freetype 9.8
2017-04-14 CVE-2017-7858 FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. Freetype 9.8
2017-04-14 CVE-2017-7857 FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. Freetype 9.8
2017-03-06 CVE-2016-10244 The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file. Debian_linux, Freetype 7.8