Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/freetype@2.4.2-2.1%2Bsqueeze4
Type deb
Namespace debian
Name freetype
Version 2.4.2-2.1+squeeze4
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 2.10.4+dfsg-1+deb11u1
Latest_non_vulnerable_version 2.10.4+dfsg-1+deb11u1
Affected_by_vulnerabilities
0
url VCID-2yvb-7w2n-ybhg
vulnerability_id VCID-2yvb-7w2n-ybhg
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use FreeType for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1131
reference_id CVE-2012-1131
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1131
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1131
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2yvb-7w2n-ybhg
1
url VCID-31q8-w6bh-zuey
vulnerability_id VCID-31q8-w6bh-zuey
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use FreeType for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1128
reference_id CVE-2012-1128
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1128
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1128
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-31q8-w6bh-zuey
2
url VCID-6bcv-2cx6-77es
vulnerability_id VCID-6bcv-2cx6-77es
summary arbitrary code execution
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10244
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10244
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287
3
reference_url https://security.archlinux.org/ASA-201705-10
reference_id ASA-201705-10
reference_type
scores
url https://security.archlinux.org/ASA-201705-10
4
reference_url https://security.archlinux.org/ASA-201705-7
reference_id ASA-201705-7
reference_type
scores
url https://security.archlinux.org/ASA-201705-7
5
reference_url https://security.archlinux.org/AVG-257
reference_id AVG-257
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-257
6
reference_url https://security.archlinux.org/AVG-258
reference_id AVG-258
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-258
fixed_packages
0
url pkg:deb/debian/freetype@2.5.2-3%2Bdeb8u2
purl pkg:deb/debian/freetype@2.5.2-3%2Bdeb8u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.5.2-3%252Bdeb8u2
1
url pkg:deb/debian/freetype@2.6.3-3.2%2Bdeb9u1
purl pkg:deb/debian/freetype@2.6.3-3.2%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8zjm-pmh1-p7a2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.6.3-3.2%252Bdeb9u1
aliases CVE-2017-8287
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6bcv-2cx6-77es
3
url VCID-6jeb-n9un-3qhd
vulnerability_id VCID-6jeb-n9un-3qhd
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use FreeType for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1127
reference_id CVE-2012-1127
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1127
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1127
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6jeb-n9un-3qhd
4
url VCID-79xr-2yux-37ea
vulnerability_id VCID-79xr-2yux-37ea
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use FreeType for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1130
reference_id CVE-2012-1130
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1130
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1130
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-79xr-2yux-37ea
5
url VCID-8sk7-1vxp-9bgd
vulnerability_id VCID-8sk7-1vxp-9bgd
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use FreeType for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1135
reference_id CVE-2012-1135
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1135
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1135
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8sk7-1vxp-9bgd
6
url VCID-8zjm-pmh1-p7a2
vulnerability_id VCID-8zjm-pmh1-p7a2
summary In FreeType, if PNG images were embedded into fonts, the Load_SBit_Png function contained an integer overflow that led to a heap buffer overflow, memory corruption, and an exploitable crash. *Note: While Project Zero did discover instances of this vulnerability being exploited in the wild against Chrome, in Firefox this vulnerability is only triggerable if a rarely-used, hidden preference is toggled, and only affected Linux and Android operating systems. Other operating systems are unaffected; and Linux and Android are unaffected in the default configuration.*
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15959
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15960
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15961
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15961
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15962
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15962
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15963
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15963
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15964
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15964
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15965
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15965
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15966
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15966
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15967
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15967
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15968
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15968
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15969
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15969
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15970
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15971
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15971
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15972
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15972
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15973
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15973
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15974
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15974
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15975
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15976
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15976
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15977
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15978
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15978
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15979
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15979
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15980
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15980
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15981
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15981
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15982
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15982
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15983
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15983
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15984
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15984
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15985
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15985
27
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15986
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15986
28
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15987
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15987
29
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15988
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15988
30
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15989
31
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15990
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15990
32
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15991
33
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15992
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15992
34
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999
35
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16000
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16000
36
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16001
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16001
37
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16002
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16002
38
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16003
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16003
39
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16004
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16004
40
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16005
41
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16006
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16006
42
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16008
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16008
43
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16009
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16009
44
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16011
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16011
45
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012
46
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16013
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16013
47
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16014
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16014
48
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16015
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16015
49
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16016
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16016
50
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16017
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16017
51
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16018
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16018
52
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16019
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16019
53
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16020
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16020
54
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16021
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16021
55
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16022
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16022
56
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16023
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16023
57
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16024
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16024
58
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16025
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16025
59
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16026
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16026
60
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16027
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16027
61
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16028
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16028
62
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16029
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16029
63
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16030
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16030
64
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16031
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16031
65
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16032
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16032
66
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16033
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16033
67
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16034
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16034
68
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16035
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16035
69
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16036
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16036
70
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16037
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16037
71
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16038
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16038
72
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16039
73
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16040
74
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16041
75
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16042
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16042
76
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36765
77
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6510
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6510
78
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6511
79
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6512
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6512
80
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6513
81
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6514
82
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6515
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6515
83
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6516
84
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6517
85
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6518
86
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6519
87
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6520
88
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6521
89
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6522
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6522
90
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6523
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6523
91
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6524
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6524
92
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6525
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6525
93
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6526
94
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6527
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6527
95
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6528
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6528
96
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6529
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6529
97
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6530
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6530
98
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6531
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6531
99
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6532
100
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6533
101
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6534
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6534
102
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6535
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6535
103
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6536
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6536
104
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6537
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6537
105
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6538
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6538
106
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6539
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6539
107
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6540
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6540
108
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6541
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6541
109
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6542
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6542
110
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6543
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6543
111
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6544
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6544
112
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6545
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6545
113
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6547
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6547
114
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6548
115
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6549
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6549
116
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6550
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6550
117
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6551
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6551
118
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6552
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6552
119
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6553
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6553
120
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6554
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6554
121
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6555
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6555
122
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6556
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6556
123
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6557
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6557
124
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6559
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6559
125
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6560
126
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6561
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6561
127
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6562
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6562
128
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6563
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6563
129
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6564
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6564
130
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6565
131
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6566
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6566
132
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6567
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6567
133
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6568
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6568
134
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6569
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6569
135
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6570
136
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6571
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6571
137
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6573
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6573
138
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6575
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6575
139
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6576
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6576
140
reference_url https://security.archlinux.org/ASA-202010-10
reference_id ASA-202010-10
reference_type
scores
url https://security.archlinux.org/ASA-202010-10
141
reference_url https://security.archlinux.org/ASA-202010-11
reference_id ASA-202010-11
reference_type
scores
url https://security.archlinux.org/ASA-202010-11
142
reference_url https://security.archlinux.org/ASA-202011-12
reference_id ASA-202011-12
reference_type
scores
url https://security.archlinux.org/ASA-202011-12
143
reference_url https://security.archlinux.org/AVG-1254
reference_id AVG-1254
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1254
144
reference_url https://security.archlinux.org/AVG-1255
reference_id AVG-1255
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1255
145
reference_url https://security.archlinux.org/AVG-1279
reference_id AVG-1279
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1279
146
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-50
reference_id mfsa2020-50
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-50
147
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-51
reference_id mfsa2020-51
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-51
148
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-52
reference_id mfsa2020-52
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-52
fixed_packages
0
url pkg:deb/debian/freetype@2.9.1-3%2Bdeb10u3
purl pkg:deb/debian/freetype@2.9.1-3%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8zjm-pmh1-p7a2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.9.1-3%252Bdeb10u3
1
url pkg:deb/debian/freetype@2.10.4%2Bdfsg-1%2Bdeb11u1
purl pkg:deb/debian/freetype@2.10.4%2Bdfsg-1%2Bdeb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.10.4%252Bdfsg-1%252Bdeb11u1
aliases CVE-2020-15999
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8zjm-pmh1-p7a2
7
url VCID-aswe-3g48-wfgm
vulnerability_id VCID-aswe-3g48-wfgm
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use Freetype for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1138
reference_id CVE-2012-1138
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1138
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1138
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aswe-3g48-wfgm
8
url VCID-e4yc-a8j8-mqfq
vulnerability_id VCID-e4yc-a8j8-mqfq
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use Freetype for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1133
reference_id CVE-2012-1133
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1133
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1133
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e4yc-a8j8-mqfq
9
url VCID-fe3g-ww6q-hqa8
vulnerability_id VCID-fe3g-ww6q-hqa8
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use Freetype for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1129
reference_id CVE-2012-1129
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1129
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1129
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fe3g-ww6q-hqa8
10
url VCID-g8bk-9bsd-p7bk
vulnerability_id VCID-g8bk-9bsd-p7bk
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use Freetype for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1137
reference_id CVE-2012-1137
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1137
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1137
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g8bk-9bsd-p7bk
11
url VCID-jqjv-gjbe-dbfg
vulnerability_id VCID-jqjv-gjbe-dbfg
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use Freetype for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1126
reference_id CVE-2012-1126
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1126
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1126
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jqjv-gjbe-dbfg
12
url VCID-kemx-zuam-uqab
vulnerability_id VCID-kemx-zuam-uqab
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use Freetype for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1141
reference_id CVE-2012-1141
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1141
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1141
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kemx-zuam-uqab
13
url VCID-keyh-yygz-y7ep
vulnerability_id VCID-keyh-yygz-y7ep
summary arbitrary code execution
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10244
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10244
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287
3
reference_url https://security.archlinux.org/ASA-201705-10
reference_id ASA-201705-10
reference_type
scores
url https://security.archlinux.org/ASA-201705-10
4
reference_url https://security.archlinux.org/ASA-201705-7
reference_id ASA-201705-7
reference_type
scores
url https://security.archlinux.org/ASA-201705-7
5
reference_url https://security.archlinux.org/AVG-257
reference_id AVG-257
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-257
6
reference_url https://security.archlinux.org/AVG-258
reference_id AVG-258
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-258
fixed_packages
0
url pkg:deb/debian/freetype@2.5.2-3%2Bdeb8u2
purl pkg:deb/debian/freetype@2.5.2-3%2Bdeb8u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.5.2-3%252Bdeb8u2
1
url pkg:deb/debian/freetype@2.6.3-3.2%2Bdeb9u1
purl pkg:deb/debian/freetype@2.6.3-3.2%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8zjm-pmh1-p7a2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.6.3-3.2%252Bdeb9u1
aliases CVE-2017-8105
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-keyh-yygz-y7ep
14
url VCID-kwd7-sv6y-eyh8
vulnerability_id VCID-kwd7-sv6y-eyh8
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use Freetype for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1136
reference_id CVE-2012-1136
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1136
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1136
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kwd7-sv6y-eyh8
15
url VCID-psxs-t1t2-bkba
vulnerability_id VCID-psxs-t1t2-bkba
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use Freetype for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1132
reference_id CVE-2012-1132
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1132
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1132
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-psxs-t1t2-bkba
16
url VCID-r47y-we15-pqg3
vulnerability_id VCID-r47y-we15-pqg3
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use Freetype for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1139
reference_id CVE-2012-1139
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1139
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1139
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r47y-we15-pqg3
17
url VCID-tvvd-q7nw-eyey
vulnerability_id VCID-tvvd-q7nw-eyey
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use Freetype for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1140
reference_id CVE-2012-1140
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1140
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1140
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tvvd-q7nw-eyey
18
url VCID-vx31-mywv-1fhr
vulnerability_id VCID-vx31-mywv-1fhr
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use Freetype for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1144
reference_id CVE-2012-1144
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1144
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1144
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vx31-mywv-1fhr
19
url VCID-xxs6-891m-t3bm
vulnerability_id VCID-xxs6-891m-t3bm
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use Freetype for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1142
reference_id CVE-2012-1142
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1142
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1142
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xxs6-891m-t3bm
20
url VCID-z2q3-ejur-8uhb
vulnerability_id VCID-z2q3-ejur-8uhb
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use Freetype for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1134
reference_id CVE-2012-1134
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1134
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1134
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z2q3-ejur-8uhb
21
url VCID-z66j-hvpb-9ydk
vulnerability_id VCID-z66j-hvpb-9ydk
summary
Mateusz Jurczyk of the Google Security Team used the Address
Sanitizer tool to discover a series of memory safety bugs in the FreeType
library, some of which could cause memory corruption and exploitable crashes
with certain fonts and font parsing. Firefox Mobile has been upgraded to
FreeType version 2.4.9 which addresses these issues. Desktop Firefox does not
use Freetype for fonts and was not affected.
On Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1143
reference_id CVE-2012-1143
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1143
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
reference_id mfsa2012-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
fixed_packages
0
url pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
purl pkg:deb/debian/freetype@2.4.9-1.1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6bcv-2cx6-77es
1
vulnerability VCID-8zjm-pmh1-p7a2
2
vulnerability VCID-keyh-yygz-y7ep
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.9-1.1%252Bdeb7u3
aliases CVE-2012-1143
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z66j-hvpb-9ydk
Fixing_vulnerabilities
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/freetype@2.4.2-2.1%252Bsqueeze4