Amazon Linux 2 : freetype (ALAS-2025-2806)
The version of freetype installed on the remote host is prior to 2.8-14. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2806 advisory. FreeType 2.8.1 has a signed integer overflow in cf2doFlex in cff/cf2intrp.c. CVE-2025-23022 An out of bounds write exists ...