VYPR

rpm package

suse/freetype2&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/freetype2&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (2)

  • CVE-2025-27363 | High | KEV | Mar 11, 2025
    affected < 2.6.3-7.21.1 | fixed 2.6.3-7.21.1

    An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned lo

  • CVE-2025-23022 | Jan 10, 2025
    affected < 2.6.3-7.24.1 | fixed 2.6.3-7.24.1

    FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c.