58 matches found
MiracleLinux 9 : freetype-2.10.4-9.el9 (AXSA:2022-4561:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4561:02 advisory. FreeType: Buffer overflow in sfntinitface CVE-2022-27404 FreeType: Segmentation violation via FNTSizeRequest CVE-2022-27405 Freetype: Segmentation...
GLSA-202402-06 : FreeType: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202402-06 FreeType: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...
RHEL 8 : freetype (RHSA-2024:0420)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0420 advisory. FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual...
Rocky Linux 9 : freetype (RLSA-2022:8340)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8340 advisory. - FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfntinitface. CVE-2022-2740...
CVE-2022-27404 affecting package qt5-qtbase for versions less than 5.15.9-1
CVE-2022-27404 affecting package qt5-qtbase for versions less than 5.15.9-1. A patched version of the package is available...
Oracle Primavera P6 Enterprise Project Portfolio Management (April 2023 CPU)
The version of Primavera P6 Enterprise Project Portfolio Management installed on the remote host are affected by a buffer overflow vulnerability as referenced in the April 2023 CPU advisory. - Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction...
CBL Mariner 2.0 Security Update: freetype (CVE-2022-27404)
The version of freetype installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-27404 advisory. - FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow...
Amazon Linux 2023 : freetype, freetype-demos, freetype-devel (ALAS2023-2023-074)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-074 advisory. A heap buffer overflow leading to out-of-bounds write was found in freetype. Memory allocation based on truncated PNG width and height values allows for an out-of-bounds write to occur in...
Amazon Linux 2 : freetype (ALAS-2023-1909)
The version of freetype installed on the remote host is prior to 2.8-14. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1909 advisory. A heap buffer overflow flaw was found in Freetype's sfntinitface function in the sfobjs.c file. The vulnerability occurs...
Amazon Linux 2022 : freetype (ALAS2022-2022-238)
The version of freetype installed on the remote host is prior to 2.12.1-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-238 advisory. - FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance may be vulnerable to arbitrary code execution due to CVE-2022-27404
Summary FreeType is not used directly by IBM App Connect Enterprise Certified Container but is present as an operating system module in the DesignerAuthoring image used for mapping assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance ma...
Oracle Linux 9 : freetype (ELSA-2022-8340)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8340 advisory. 2.10.4-9 - Guard face-size - Resolves: 2079280 2.10.4-8 - Properly guard faceindex - Resolves: 2079262 2.10.4-7 - Avoid invalid face index - Resolves:...
AlmaLinux 9 : freetype (ALSA-2022:8340)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:8340 advisory. - FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfntinitface. CVE-2022-27404 ...
Rocky Linux 8 : freetype (RLSA-2022:7745)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7745 advisory. - FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfntinitface. CVE-2022-2740...
Moderate: Red Hat Security Advisory: freetype security update
An update for freetype is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
RLSA-2022:8340 Moderate: freetype security update
FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: FreeType: Buffer overflow in sfntinitface CVE-2022-27404 FreeType: Segmentation violation via FNTSizeRequest CVE-2022-27405...
ALSA-2022:8340 Moderate: freetype security update
FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: FreeType: Buffer overflow in sfntinitface CVE-2022-27404 FreeType: Segmentation violation via FNTSizeRequest CVE-2022-27405...
Oracle Linux 8 : freetype (ELSA-2022-7745)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7745 advisory. 2.9.1-9 - Guard face-size - Resolves: 2079279 2.9.1-8 - Properly guard faceindex - Resolves: 2079261 2.9.1-7 - Do not search for windres - Resolves:...
Moderate: freetype security update
FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: FreeType: Buffer overflow in sfntinitface CVE-2022-27404 FreeType: Segmentation violation via FNTSizeRequest CVE-2022-27405...
AlmaLinux 8 : freetype (ALSA-2022:7745)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7745 advisory. - FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfntinitface. CVE-2022-27404 ...