MiracleLinux 8 : mingw-freetype-2.8-3.el8_10.1 (AXSA:2025-9969:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9969:01 advisory. freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files CVE-2025-27363 libsoup: Integer...

Security Bulletin: Multiple vulnerabilities that affects IBM Db2 Data Management Console. (CVE-2023-51775, CVE-2023-23916, CVE-2025-27363, CVE-2024-38819, CVE-2024-45801, CVE-2024-47176, CVE-2024-47076, CVE-2024-47177, CVE-2024-47175, CVE-2024-29857)

Summary curl, libcurl, jose4j-0.9.3, spring-webmvc-6.0.14, bcprov-jdk18on-1.74, path-to-regexp-1.8.0, spring-web-6.0.11, dompurify-2.2.7 the following dependency packages are being used by IBM Db2 Data Management Console . This bulletin describes the upgrades necessary to address the vulnerabilit...

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

CLSA-2025-1745956171 freetype: Fix of CVE-2025-27363

CVE-2025-27363: fix out of bounds write in font subglyph structures parsing...

CLSA-2025-1742926404 freetype: Fix of CVE-2025-27363

CVE-2025-27363: fix OOB write when parsing font subglyph structures...

Security update for freetype2

This update for freetype2 fixes the following issues: CVE-2025-27363: Fixed out-of-bounds write when attempting to parse font subglyph structures related to TrueType GX and variable font files bsc1239465. Patch Instructions: To install this SUSE update use the SUSE recommended installation method...

MGASA-2025-0099 Updated freetype2 packages fix security vulnerability

An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files which may result in arbitrary code execution...

CVE-2025-27363

An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a...

VulnCheck KEV: CVE-2025-27363

FreeType contains an out-of-bounds write vulnerability when attempting to parse font subglyph structures related to TrueType GX and variable font files that may allow for arbitrary code execution...

CVE-2025-27363

An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a...