rpm package
suse/freetype2&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3
pkg:rpm/suse/freetype2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-15999 | — | KEV | < 2.6.3-7.18.1 | 2.6.3-7.18.1 | Nov 3, 2020 | Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2017-8287 | Cri | 9.8 | < 2.6.3-7.15.1 | 2.6.3-7.15.1 | Apr 27, 2017 | FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. | |
| CVE-2017-8105 | Cri | 9.8 | < 2.6.3-7.15.1 | 2.6.3-7.15.1 | Apr 24, 2017 | FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. | |
| CVE-2017-7864 | Cri | 9.8 | < 2.6.3-7.15.1 | 2.6.3-7.15.1 | Apr 14, 2017 | FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c. | |
| CVE-2016-10244 | Hig | 7.8 | < 2.6.3-7.15.1 | 2.6.3-7.15.1 | Mar 6, 2017 | The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file. |
- affected < 2.6.3-7.18.1fixed 2.6.3-7.18.1
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 2.6.3-7.15.1fixed 2.6.3-7.15.1
FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.
- affected < 2.6.3-7.15.1fixed 2.6.3-7.15.1
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
- affected < 2.6.3-7.15.1fixed 2.6.3-7.15.1
FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
- affected < 2.6.3-7.15.1fixed 2.6.3-7.15.1
The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file.