VYPR

rpm package

almalinux/mingw32-freetype-static

pkg:rpm/almalinux/mingw32-freetype-static

Vulnerabilities (10)

  • CVE-2025-32911CriApr 15, 2025
    affected < 2.8-3.el8_10.1fixed 2.8-3.el8_10.1

    A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server.

  • CVE-2025-32910MedApr 14, 2025
    affected < 2.8-3.el8_10.1fixed 2.8-3.el8_10.1

    A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference. This issue may cause the libsoup client to crash.

  • CVE-2025-32909MedApr 14, 2025
    affected < 2.8-3.el8_10.1fixed 2.8-3.el8_10.1

    A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash.

  • CVE-2025-32913HigApr 14, 2025
    affected < 2.8-3.el8_10.1fixed 2.8-3.el8_10.1

    A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function.

  • CVE-2025-32907MedApr 14, 2025
    affected < 2.8-3.el8_10.1fixed 2.8-3.el8_10.1

    A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. This does n

  • CVE-2025-32906HigApr 14, 2025
    affected < 2.8-3.el8_10.1fixed 2.8-3.el8_10.1

    A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server.

  • CVE-2025-32053MedApr 3, 2025
    affected < 2.8-3.el8_10.1fixed 2.8-3.el8_10.1

    A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.

  • CVE-2025-32052MedApr 3, 2025
    affected < 2.8-3.el8_10.1fixed 2.8-3.el8_10.1

    A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read.

  • CVE-2025-32050MedApr 3, 2025
    affected < 2.8-3.el8_10.1fixed 2.8-3.el8_10.1

    A flaw was found in libsoup. The libsoup append_param_quoted() function may contain an overflow bug resulting in a buffer under-read.

  • CVE-2025-27363HigKEVMar 11, 2025
    affected < 2.8-3.el8_10.1fixed 2.8-3.el8_10.1

    An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned lo