Vulnerabilities > Freetype

DATE CVE VULNERABILITY TITLE RISK
2020-11-03 CVE-2020-15999 Out-Of-Bounds Write vulnerability in multiple products
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
4.3
2019-09-03 CVE-2015-9383 Out-Of-Bounds Read vulnerability in multiple products
FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c.
4.3
2019-09-03 CVE-2015-9382 Out-Of-Bounds Read vulnerability in multiple products
FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation.
4.3
2019-09-03 CVE-2015-9381 Out-Of-Bounds Read vulnerability in multiple products
FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.
6.8
2019-07-30 CVE-2015-9290 Out-Of-Bounds Read vulnerability in Freetype
In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again.
network
low complexity
freetype CWE-125
7.5
2018-02-13 CVE-2018-6942 Null Pointer Dereference vulnerability in multiple products
An issue was discovered in FreeType 2 through 2.9.
4.3
2017-04-27 CVE-2017-8287 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freetype
FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.
network
low complexity
freetype CWE-119
7.5
2017-04-24 CVE-2017-8105 Out-Of-Bounds Write vulnerability in multiple products
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
network
low complexity
freetype debian CWE-787
7.5
2017-04-14 CVE-2017-7864 Out-Of-Bounds Write vulnerability in Freetype
FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
network
low complexity
freetype CWE-787
7.5
2017-04-14 CVE-2017-7858 Out-Of-Bounds Write vulnerability in Freetype
FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
network
low complexity
freetype CWE-787
7.5