Search for packages
| purl | pkg:deb/debian/freetype@2.10.4%2Bdfsg-1%2Bdeb11u1?distro=trixie |
| Next non-vulnerable version | 2.10.4+dfsg-1+deb11u2 |
| Latest non-vulnerable version | 2.14.3+dfsg-1 |
| Risk | 1.6 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-hgm7-qrp2-c3g8
Aliases: CVE-2022-31782 |
ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-17au-pc1k-m7at | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9662
|
| VCID-1teu-tz69-dff8 | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1128
|
| VCID-1ws8-ww77-ybah | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9674
|
| VCID-2fsn-uxp3-fbeg | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1130
|
| VCID-2kj7-a6r9-bfft | Multiple vulnerabilities have been found in VMware Player, Server, and Workstation, allowing remote and local attackers to conduct several attacks, including privilege escalation, remote execution of arbitrary code, and a Denial of Service. |
CVE-2008-1806
|
| VCID-38u1-6t8n-gqey | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1143
|
| VCID-3h73-kffw-hfbc | Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. |
CVE-2016-10328
|
| VCID-3jn7-t1f6-uyfr | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9657
|
| VCID-3vb1-m8xt-kfcf | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-3855
|
| VCID-3wjn-8gnc-gkhr | Multiple vulnerabilities in FreeType might result in the remote execution of arbitrary code. |
CVE-2007-2754
|
| VCID-3xz8-4wu5-fugq | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-2500
|
| VCID-468g-dxsr-8yer | A vulnerability in FreeType could result in execution of arbitrary code or Denial of Service. |
CVE-2014-2240
|
| VCID-48rk-qwp7-j7a8 | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-2807
|
| VCID-4wp3-qsuc-1kh9 | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-2806
|
| VCID-57th-r73p-a3fy | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-2527
|
| VCID-5rpx-8t3t-syhv | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1139
|
| VCID-5z69-3ht1-kfeh | CVE-2007-3506 Emboldden rendering with a sbit font makes glibc detected. |
CVE-2007-3506
|
| VCID-613j-8z2t-t3au | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1129
|
| VCID-64dt-nnzb-mkfc | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-3814
|
| VCID-6fzj-746j-bkbc | Freetype: Freetype: Information disclosure or denial of service via specially crafted font files |
CVE-2026-23865
|
| VCID-6pzj-1sgf-zbbr | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1144
|
| VCID-6xf8-49hw-hfaf | Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. |
CVE-2016-10244
|
| VCID-6z8y-k8vw-nudd | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1142
|
| VCID-73d5-ezt5-87eh | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9663
|
| VCID-73e1-scax-8ugj | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9675
|
| VCID-7698-fwj1-fufd | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-3311
|
| VCID-79js-ywyp-x3au | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2011-0226
|
| VCID-7jyc-psvy-hkgh | security flaw |
CVE-2006-2661
|
| VCID-92gd-8jxd-qbbg | Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. |
CVE-2017-7864
|
| VCID-a9r6-k8gp-nbfs | freetype: a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c may lead to a DoS |
CVE-2015-9383
|
| VCID-ahxa-yjxp-a7en | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-2499
|
| VCID-ask2-xeb7-7qbk | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9671
|
| VCID-b35u-t7u2-sudy | security update |
CVE-2014-9746
|
| VCID-bt31-xk8r-8qd2 | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-2497
|
| VCID-cvba-wjra-wye9 | Multiple vulnerabilities in FreeType might result in the remote execution of arbitrary code. |
CVE-2006-1861
|
| VCID-cwfg-1d6f-hfgg | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-2808
|
| VCID-d2v4-gm58-uyby | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1140
|
| VCID-dcxj-zzfj-3bg7 | Multiple vulnerabilities have been discovered in FreeType, the worst of which can lead to remote code execution. |
CVE-2022-27406
|
| VCID-edag-8pt8-jqdw | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1137
|
| VCID-ettc-tamy-kfcf | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1133
|
| VCID-ewj8-a9c8-w3dy | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1135
|
| VCID-f9ym-em5n-87ep | Multiple integer overflows in FreeType might allow for the remote execution of arbitrary code or a Denial of Service. |
CVE-2009-0946
|
| VCID-fp2p-5ymf-wffj | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9669
|
| VCID-gcht-dzky-fbay | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-3054
|
| VCID-gcr7-xxtw-e3bs | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2011-3256
|
| VCID-gmk4-9sks-s3a5 | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-2541
|
| VCID-gtka-sbgw-tuf5 | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9665
|
| VCID-h7qy-dusf-tqb7 | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1141
|
| VCID-hgkz-p83z-ybfe | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1127
|
| VCID-hutw-rk7x-5bc3 | security update |
CVE-2014-9745
|
| VCID-jg4p-nv1j-fyb9 | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9670
|
| VCID-jn9w-2axj-8ke5 | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9659
|
| VCID-jwbe-5wmu-uqgp | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1131
|
| VCID-k8ba-gmc8-qfc4 | Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. |
CVE-2017-7858
|
| VCID-kdfa-8q7m-2kbk | security flaw |
CVE-2006-0747
|
| VCID-m8ha-zxb7-tyg6 | Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. |
CVE-2017-8105
|
| VCID-mv93-73qb-ekgt | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1132
|
| VCID-n99m-fgj7-y3bk | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1138
|
| VCID-nakp-vmxa-akey | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9664
|
| VCID-nfp7-sjcv-wkfv | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9668
|
| VCID-nn4w-gq71-kfgd | freetype: buffer over-read in function T1_Get_Private_Dict in type1/t1parse.c |
CVE-2015-9290
|
| VCID-nx21-ks3v-53e4 | Heap buffer overflow in CefSharp ### Impact A memory corruption bug(Heap overflow) in the FreeType font rendering library. > This can be exploited by attackers to execute arbitrary code by using specially crafted fonts with embedded PNG images . As per https://www.secpod.com/blog/chrome-zero-day-under-active-exploitation-patch-now/ Google is aware of reports that an exploit for CVE-2020-15999 exists in the wild. ### Patches Upgrade to 85.3.130 or higher ### References - https://www.secpod.com/blog/chrome-zero-day-under-active-exploitation-patch-now/ - https://www.zdnet.com/article/google-releases-chrome-security-update-to-patch-actively-exploited-zero-day/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999 - https://magpcss.org/ceforum/viewtopic.php?f=10&t=17942 To review the `CEF/Chromium` patch see https://bitbucket.org/chromiumembedded/cef/commits/cd6cbe008b127990036945fb75e7c2c1594ab10d |
CVE-2020-15999
GHSA-pv36-h7jh-qm62 |
| VCID-p2yw-ksc4-jfe9 | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9660
|
| VCID-p8h9-9xku-hbhv | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9666
|
| VCID-pznp-81q7-z3d4 | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9658
|
| VCID-pzsb-3h3d-t7hq | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-2498
|
| VCID-qn37-kjm4-tbap | A vulnerability has been discovered in FreeType allowing for user-assisted remote execution of arbitrary code. |
CVE-2007-1351
|
| VCID-qu13-pxwm-d3da | Multiple vulnerabilities have been found in FreeType, allowing context-dependent attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-5670
|
| VCID-rcck-xn4c-k3at | Multiple vulnerabilities have been found in VMware Player, Server, and Workstation, allowing remote and local attackers to conduct several attacks, including privilege escalation, remote execution of arbitrary code, and a Denial of Service. |
CVE-2008-1808
|
| VCID-s148-7tzs-gfg8 | Multiple vulnerabilities have been discovered in FreeType, the worst of which can lead to remote code execution. |
CVE-2022-27405
|
| VCID-s3f6-paas-vye4 | A buffer overflow was discovered in the PCF font parser, potentially resulting in the execution of arbitrary code. |
CVE-2006-3467
|
| VCID-s9u5-4nwv-vudq | Multiple vulnerabilities have been found in FreeType, allowing context-dependent attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-5669
|
| VCID-th47-m45d-m7dk | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9667
|
| VCID-tmb5-g2ua-ekek | freetype: OOB stack-based read/write in cf2_hintmap_build() |
CVE-2014-2241
|
| VCID-tsw4-kqbc-kqf1 | freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash |
CVE-2015-9381
|
| VCID-tu7r-tsp8-73ew | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9673
|
| VCID-txkg-jsdf-93e6 | Multiple vulnerabilities have been found in VMware Player, Server, and Workstation, allowing remote and local attackers to conduct several attacks, including privilege escalation, remote execution of arbitrary code, and a Denial of Service. |
CVE-2008-1807
|
| VCID-tyhk-9jvd-y7bj | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-2520
|
| VCID-u15r-u7zz-17ad | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9672
|
| VCID-uh3u-pzzg-fkgg | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9661
|
| VCID-uhnk-v91u-p7e5 | Multiple vulnerabilities have been found in FreeType, possibly resulting in Denial of Service. |
CVE-2014-9656
|
| VCID-uy24-k7je-pyhr | A vulnerability has been discovered in FreeType, which can lead to remote code execution. |
CVE-2025-27363
|
| VCID-v6um-wgpt-myax | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2011-3439
|
| VCID-vykx-mb8e-hyfv | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-1797
|
| VCID-wapu-grak-1bca | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1134
|
| VCID-wbve-vpw4-tqhe | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-2519
|
| VCID-wr9p-x4sm-aqdh | Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. |
CVE-2017-8287
|
| VCID-xb9q-dk8j-fbch | Multiple vulnerabilities have been discovered in FreeType, the worst of which can lead to remote code execution. |
CVE-2022-27404
|
| VCID-xe45-fv7j-4ucr | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1126
|
| VCID-xyay-hhmw-cyb1 | Multiple vulnerabilities have been found in FreeType, allowing context-dependent attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-5668
|
| VCID-y4qf-qfbv-mqdg | freetype: NULL pointer dereference in the Ins_GETVARIATION() function |
CVE-2018-6942
|
| VCID-yddp-8puj-dbaj | Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. |
CVE-2017-7857
|
| VCID-yq1k-j2t6-e7g5 | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-3053
|
| VCID-ysfs-xxjz-vbep | freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read |
CVE-2015-9382
|
| VCID-zn5p-qvxr-fqhx | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. |
CVE-2010-2805
|
| VCID-zpnw-kwqf-63bp | security update |
CVE-2014-9747
|
| VCID-zu7v-a14h-2ueu | Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. |
CVE-2012-1136
|