rpm package
suse/ft2demos&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
pkg:rpm/suse/ft2demos&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-27363 | Hig | 8.1 | KEV | < 2.6.3-7.21.1 | 2.6.3-7.21.1 | Mar 11, 2025 | An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned lo |
| CVE-2025-23022 | — | < 2.6.3-7.24.1 | 2.6.3-7.24.1 | Jan 10, 2025 | FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c. |
- affected < 2.6.3-7.21.1fixed 2.6.3-7.21.1
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned lo
- CVE-2025-23022Jan 10, 2025affected < 2.6.3-7.24.1fixed 2.6.3-7.24.1
FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c.