Vulnerabilities > Freetype > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-01-10 CVE-2025-23022 Integer Overflow or Wraparound vulnerability in Freetype 2.8.1
FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c.
local
low complexity
freetype CWE-190
6.2
6.2
2019-09-03 CVE-2015-9383 Out-of-bounds Read vulnerability in multiple products
FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c.
network
low complexity
freetype debian canonical CWE-125
6.5
6.5
2019-09-03 CVE-2015-9382 Out-of-bounds Read vulnerability in multiple products
FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation.
network
low complexity
freetype debian CWE-125
6.5
6.5
2018-02-13 CVE-2018-6942 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in FreeType 2 through 2.9.
network
low complexity
freetype canonical CWE-476
6.5
6.5