CVE search results

1 – 10 of 100 results

Detailed view

Sort by:

CVE-2025-27363

Medium priority

Fixed

An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable...

1 affected package

freetype

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freetype	Not affected	Fixed	Fixed	Fixed

CVE-2025-23022

Medium priority

Needs evaluation

FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c.

1 affected package

freetype

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freetype	Not affected	Not affected	Not affected	Needs evaluation

CVE-2023-2004

Medium priority

Fixed

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

1 affected package

freetype

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freetype	—	Fixed	Fixed	Not affected

CVE-2022-31782

Medium priority

Some fixes available 3 of 4

ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow.

1 affected package

freetype

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freetype	—	Fixed	Fixed	Fixed

CVE-2022-27406

Low priority

Some fixes available 5 of 6

FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.

1 affected package

freetype

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freetype	Not affected	Fixed	Fixed	Fixed

CVE-2022-27405

Low priority

Some fixes available 3 of 4

FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.

1 affected package

freetype

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freetype	—	Fixed	Fixed	Fixed

CVE-2022-27404

Medium priority

Some fixes available 3 of 4

FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.

1 affected package

freetype

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freetype	—	Fixed	Fixed	Fixed

CVE-2020-15999

High priority

Some fixes available 16 of 17

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

18 affected packages

chromium-browser, godot, graphicsmagick, musescore, openjdk-13...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	Not affected	Not affected	Not in release	Fixed
godot	Not affected	Not affected	Not affected	Not in release
graphicsmagick	Not affected	Not affected	Not affected	Not affected
musescore	Not in release	Not in release	Not affected	Not affected
openjdk-13	Not in release	Not in release	Not affected	Not in release
texmaker	Not affected	Not affected	Not affected	Not affected
android	Not in release	Not in release	Not in release	Not in release
firefox	Not affected	Not affected	Not in release	Not affected
freetype	Fixed	Fixed	Fixed	Fixed
openjdk-lts	Not affected	Not affected	Not affected	Not affected
openjdk-15	Not in release	Not in release	Not in release	Not in release
oxide-qt	Not in release	Not in release	Not in release	Not in release
paraview	Not affected	Not affected	Not affected	Not affected
qtbase-opensource-src	Not affected	Not affected	Not affected	Not affected
thunderbird	Not affected	Not affected	Not in release	Not affected
openjdk-12	Not in release	Not in release	Not in release	Not in release
qtbase-opensource-src-gles	Not affected	Not affected	Not affected	Not in release
texlive-bin	Not affected	Not affected	Not affected	Not affected

CVE-2018-6942

Medium priority

Fixed

An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.

1 affected package

freetype

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freetype	—	—	—	—

CVE-2017-8287

Medium priority

Some fixes available 4 of 5

FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.

1 affected package

freetype

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freetype	—	—	—	—

Export to JSON

Results by page:

Search CVE reports