Medium: freetype

🗓️ 07 Jun 2023 00:00:00Reported by AmazonType

amazon

amazon🔗 alas.aws.amazon.com👁 5 Views

Multiple vulnerabilities in FreeType can lead to crashes or denial of service. Update is required.

Reporter	Title	Published	Views	Family All 284
IBM Security Bulletins	Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to multiple vulnerabilities due to IBM Java	10 May 202404:05	–	ibm
IBM Security Bulletins	Security Bulletin: There are multiple vulnerabilities in IBM Semeru Runtime that is shipped with CICS Transaction Gateway for Multiplatforms.	29 Feb 202416:06	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance may be vulnerable to denial of service due to CVE-2022-27406	1 Dec 202216:53	–	ibm
IBM Security Bulletins	Security Bulletin: There are multiple vulnerabilities in IBM Semeru Runtime that is shipped with CICS Transaction Gateway Desktop Edition.	29 Feb 202416:00	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.	2 Feb 202303:37	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Control Center v6.2.1 and v6.3.1 is vulnerable with IBM Semeru Runtime Quarterly CPU - Apr 2023	4 Feb 202518:37	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities	30 Dec 202210:56	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime may affect IBM Decision Optimization for IBM Cloud Pak for Data	8 Sep 202308:48	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance may be vulnerable to denial of service due to CVE-2022-27405	1 Dec 202216:50	–	ibm
ATTACKERKB	CVE-2022-27406	22 Apr 202214:15	–	attackerkb

OS	OS Version	Architecture	Package	Package Version	Filename
Amazon Linux	2	aarch64	freetype	2.13.0-2.amzn2023.0.1	freetype-2.13.0-2.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	x86_64	freetype	2.13.0-2.amzn2023.0.1	freetype-2.13.0-2.amzn2023.0.1.x86_64.rpm
Amazon Linux	2	aarch64	freetype-debuginfo	2.13.0-2.amzn2023.0.1	freetype-debuginfo-2.13.0-2.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	x86_64	freetype-debuginfo	2.13.0-2.amzn2023.0.1	freetype-debuginfo-2.13.0-2.amzn2023.0.1.x86_64.rpm
Amazon Linux	2	aarch64	freetype-debugsource	2.13.0-2.amzn2023.0.1	freetype-debugsource-2.13.0-2.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	x86_64	freetype-debugsource	2.13.0-2.amzn2023.0.1	freetype-debugsource-2.13.0-2.amzn2023.0.1.x86_64.rpm
Amazon Linux	2	aarch64	freetype-demos	2.13.0-2.amzn2023.0.1	freetype-demos-2.13.0-2.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	x86_64	freetype-demos	2.13.0-2.amzn2023.0.1	freetype-demos-2.13.0-2.amzn2023.0.1.x86_64.rpm
Amazon Linux	2	aarch64	freetype-demos-debuginfo	2.13.0-2.amzn2023.0.1	freetype-demos-debuginfo-2.13.0-2.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	x86_64	freetype-demos-debuginfo	2.13.0-2.amzn2023.0.1	freetype-demos-debuginfo-2.13.0-2.amzn2023.0.1.x86_64.rpm

07 Jun 2023 00:00Current

6.9Medium risk

Vulners AI Score6.9

CVSS 25

CVSS 3.17.5

EPSS0.00151

vulnerabilities freetype denial of service segmentation fault memory access integer overflow update