
71 matches found

Amazon
added 2026/03/27 12:0 a.m. | 8 views

Medium: freetype

Issue Overview: An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2. CVE-2026-23865...

CVSS 5.3 | AI score 5.9 | EPSS 0.00141
Exploits: 0
OSV
added 2026/03/15 5:55 a.m. | 2 views

OESA-2026-1577 freetype security update

FreeType is written in C, designed to be small, efficient, highly customizable, and portable while capable of producing high-quality output glyph images of most vector and bitmap font formats. Security Fixes: An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in...

CVSS 5.3 | AI score 5.8 | EPSS 0.00141
Exploits: 0 | References: 2
OSV
added 2026/03/15 5:55 a.m. | 3 views

OESA-2026-1574 freetype security update

FreeType is written in C, designed to be small, efficient, highly customizable, and portable while capable of producing high-quality output glyph images of most vector and bitmap font formats. Security Fixes: An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in...

CVSS 5.3 | AI score 5.8 | EPSS 0.00141
Exploits: 0 | References: 2
Microsoft CVE
added 2026/03/04 9:9 a.m. | 4 views

An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.

...

CVSS 5.3 | AI score 5.8 | EPSS 0.00141
Exploits: 0
OSV
added 2026/03/02 5:16 p.m. | 7 views

AZL-78701 CVE-2026-23865 affecting package freetype 2.13.1-1

An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...

CVSS 5.3 | AI score 5.8 | EPSS 0.00141
Exploits: 0 | References: 1
OSV
added 2026/03/02 5:16 p.m. | 4 views

CVE-2026-23865

An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...

CVSS 5.3 | AI score 5.9 | EPSS 0.00141
Exploits: 0 | References: 4
EUVD
added 2026/03/02 4:9 p.m. | 5 views

EUVD-2026-9195

An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...

CVSS 5.3 | AI score 6 | EPSS 0.00141
Exploits: 0 | References: 3
Cvelist
added 2026/03/02 4:9 p.m. | 35 views

CVE-2026-23865

An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...

CVSS 5.3 | EPSS 0.00141
Exploits: 0 | References: 3
Vulnrichment
added 2026/03/02 4:9 p.m. | 3 views

CVE-2026-23865

An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...

CVSS 5.3 | AI score 6 | EPSS 0.00141
Exploits: 0 | References: 3
CVE
added 2026/03/02 4:9 p.m. | 32 views

CVE-2026-23865

The CVE-2026-23865 entry concerns the FreeType library. Affected component: tt_var_load_item_variation_store in FreeType versions 2.13.2 and 2.13.3. Issue: integer overflow can cause an out-of-bounds read while parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. Impact is described as an ou...

CVSS 5.3 | AI score 6 | EPSS 0.00141
Exploits: 0 | References: 4 | Affected Software: 1
CNNVD
added 2026/03/02 12:0 a.m. | 7 views

FreeType security vulnerability

FreeType is an open-source font rendering library developed by FreeType. Versions 2.13.2 and 2.13.3 of FreeType contain security vulnerabilities. These vulnerabilities stem from integer overflows in the tt_var_load_item_variation_store function, which may lead to out-of-bound reads when parsing...

CVSS 5.3 | AI score 7.2 | EPSS 0.00141
Exploits: 0 | References: 5
Tenable Nessus
added 2026/01/13 12:0 a.m. | 3 views

MiracleLinux 9 : freetype-2.10.4-9.el9.ML.2 (AXSA:2025-9776:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9776:01 advisory. An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph...

CVSS 8.1 | AI score 7.7 | EPSS 0.26049
Exploits: 1 | References: 2
RedHat Linux
added 2025/06/23 11:15 a.m. | 6 views

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

CVSS 8.1 | AI score 7.7 | EPSS 0.26049
Exploits: 1 | References: 6
AstraLinux
added 2025/06/16 11:28 a.m. | 4 views

Astra Linux – Vulnerability in Freetype

An out-of-bounds write exists in FreeType versions 2.13.0 and below (earlier versions of FreeType are not vulnerable). This issue occurs when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned...

CVSS 8.1 | AI score 7.2 | EPSS 0.26049
Exploits: 1 | References: 3
RedHat Linux
added 2025/05/29 6:42 a.m. | 5 views

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

CVSS 8.1 | AI score 7.7 | EPSS 0.26049
Exploits: 1 | References: 6
RedHat Linux
added 2025/05/28 8:3 a.m. | 9 views

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

CVSS 8.1 | AI score 7.7 | EPSS 0.26049
Exploits: 1 | References: 6
RedHat Linux
added 2025/05/27 3:16 p.m. | 5 views

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

CVSS 8.1 | AI score 7.7 | EPSS 0.26049
Exploits: 1 | References: 6
RedHat Linux
added 2025/03/31 6:0 p.m. | 5 views

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

CVSS 8.1 | AI score 7.7 | EPSS 0.26049
Exploits: 1 | References: 6
RedHat Linux
added 2025/03/31 2:26 p.m. | 5 views

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

CVSS 8.1 | AI score 7.7 | EPSS 0.26049
Exploits: 1 | References: 6
RedHat Linux
added 2025/03/31 3:9 a.m. | 6 views

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

CVSS 8.1 | AI score 7.7 | EPSS 0.26049
Exploits: 1 | References: 6