0.009 Low
EPSS
Percentile
82.9%
FreeType is vulnerable to out-of-bounds write. A malicious user can use this to cause a system crash or to overwrite variables currently in the buffer. This is possible through the tt_size_reset function in truetype/ttobjs.c.
tt_size_reset
git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699596af5c5d6f0ae0ea06e19df87dce088df8
www.securityfocus.com/bid/97673
bugs.chromium.org/p/oss-fuzz/issues/detail?id=509
security.gentoo.org/glsa/201706-14
www.oracle.com/security-alerts/cpuapr2020.html