Search CVE reports
1 – 10 of 96 results
CVE-2022-31782
Medium prioritySome fixes available 3 of 4
ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow.
1 affected package
freetype
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
freetype | — | Fixed | Fixed | Fixed | Not affected |
CVE-2022-27406
Low prioritySome fixes available 4 of 6
FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.
1 affected package
freetype
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
freetype | Not affected | Fixed | Fixed | Fixed | Fixed |
CVE-2022-27405
Low prioritySome fixes available 3 of 4
FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.
1 affected package
freetype
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
freetype | — | Fixed | Fixed | Fixed | Not affected |
CVE-2022-27404
Medium prioritySome fixes available 3 of 4
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.
1 affected package
freetype
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
freetype | — | Fixed | Fixed | Fixed | Not affected |
CVE-2020-15999
High prioritySome fixes available 15 of 16
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
18 affected packages
android, chromium-browser, firefox, freetype, godot...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
chromium-browser | Not affected | Not affected | Not affected | Fixed | Fixed |
firefox | Not affected | Not affected | Not affected | Not affected | Not affected |
freetype | Fixed | Fixed | Fixed | Fixed | Fixed |
godot | Not affected | Not affected | Not affected | Not in release | Not in release |
graphicsmagick | Not affected | Not affected | Not affected | Not affected | Not affected |
musescore | Not in release | Not in release | Not affected | Not affected | Not affected |
openjdk-12 | Not in release | Not in release | Not in release | Not in release | Not in release |
openjdk-13 | Not in release | Not in release | Not affected | Not in release | Not in release |
openjdk-15 | Not in release | Not in release | Not in release | Not in release | Not in release |
openjdk-lts | Not affected | Not affected | Not affected | Not affected | Not in release |
oxide-qt | Not in release | Not in release | Not in release | Not in release | Not affected |
paraview | Not affected | Not affected | Not affected | Not affected | Not affected |
qtbase-opensource-src | Not affected | Not affected | Not affected | Not affected | Not affected |
qtbase-opensource-src-gles | Not affected | Not affected | Not affected | Not in release | Not affected |
texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
texmaker | Not affected | Not affected | Not affected | Not affected | Not affected |
thunderbird | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2015-9383
Medium priorityFreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c.
1 affected package
freetype
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
freetype | — | — | — | Not affected | Fixed |
CVE-2015-9382
Medium priorityFreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation.
1 affected package
freetype
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
freetype | — | — | — | Not affected | Not affected |
CVE-2015-9381
Low priorityFreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.
1 affected package
freetype
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
freetype | — | — | — | Not affected | Not affected |
CVE-2015-9290
Medium priorityIn FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again.
1 affected package
freetype
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
freetype | — | — | — | Not affected | Not affected |
CVE-2018-6942
Medium priorityAn issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.
1 affected package
freetype
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
freetype | — | — | — | — | Not affected |