9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
57.3%
FreeType is vulnerable to denial of service. The vulnerability exists in sfnt_init_face
function due to a segment violation which allows an attacker to cause an application crash.
gitlab.freedesktop.org/freetype/freetype/-/issues/1138
lists.fedoraproject.org/archives/list/[email protected]/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/
lists.fedoraproject.org/archives/list/[email protected]/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/
lists.fedoraproject.org/archives/list/[email protected]/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/
lists.fedoraproject.org/archives/list/[email protected]/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/
lists.fedoraproject.org/archives/list/[email protected]/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.12/main.yaml
secdb.alpinelinux.org/v3.13/main.yaml
secdb.alpinelinux.org/v3.14/main.yaml
secdb.alpinelinux.org/v3.15/main.yaml
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
57.3%