Search for packages
Package details: pkg:deb/debian/freetype@2.9.1-3%2Bdeb10u3
purl pkg:deb/debian/freetype@2.9.1-3%2Bdeb10u3
Next non-vulnerable version 2.12.1+dfsg-5+deb12u4
Latest non-vulnerable version 2.12.1+dfsg-5+deb12u4
Risk 10.0
Vulnerabilities affecting this package (8)
Vulnerability Summary Fixed by
VCID-1c6t-8uk8-53c9
Aliases:
CVE-2025-27363
freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files
2.12.1+dfsg-5+deb12u3
Affected by 0 other vulnerabilities.
2.12.1+dfsg-5+deb12u4
Affected by 0 other vulnerabilities.
VCID-4afy-gqcp-aaag
Aliases:
CVE-2023-2004
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
2.12.1+dfsg-5
Affected by 0 other vulnerabilities.
2.12.1+dfsg-5+deb12u3
Affected by 0 other vulnerabilities.
2.12.1+dfsg-5+deb12u4
Affected by 0 other vulnerabilities.
VCID-9d9b-v95v-aaab
Aliases:
CVE-2022-27404
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.
2.10.4+dfsg-1+deb11u1
Affected by 4 other vulnerabilities.
VCID-9zes-c5mb-aaaj
Aliases:
CVE-2020-15999
GHSA-pv36-h7jh-qm62
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
2.10.4+dfsg-1+deb11u1
Affected by 4 other vulnerabilities.
VCID-gqte-wv6r-aaap
Aliases:
CVE-2022-27406
FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.
2.10.4+dfsg-1+deb11u1
Affected by 4 other vulnerabilities.
VCID-n5sx-hd4y-aaap
Aliases:
CVE-2023-21261
** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
2.12.1+dfsg-5
Affected by 0 other vulnerabilities.
2.12.1+dfsg-5+deb12u3
Affected by 0 other vulnerabilities.
2.12.1+dfsg-5+deb12u4
Affected by 0 other vulnerabilities.
VCID-n811-jg7s-aaas
Aliases:
CVE-2022-27405
FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.
2.10.4+dfsg-1+deb11u1
Affected by 4 other vulnerabilities.
VCID-sbb7-mwc2-aaar
Aliases:
CVE-2022-31782
ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow.
2.12.1+dfsg-4
Affected by 0 other vulnerabilities.
2.12.1+dfsg-5
Affected by 0 other vulnerabilities.
2.12.1+dfsg-5+deb12u3
Affected by 0 other vulnerabilities.
2.12.1+dfsg-5+deb12u4
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (6)
Vulnerability Summary Aliases
VCID-9d9b-v95v-aaab FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face. CVE-2022-27404
VCID-9zes-c5mb-aaaj Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-15999
GHSA-pv36-h7jh-qm62
VCID-gqte-wv6r-aaap FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size. CVE-2022-27406
VCID-n811-jg7s-aaas FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request. CVE-2022-27405
VCID-sbb7-mwc2-aaar ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow. CVE-2022-31782
VCID-vvv9-ydkt-aaaa An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file. CVE-2018-6942

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-22T12:57:58.851381+00:00 Debian Importer Affected by VCID-n5sx-hd4y-aaap None 36.1.3
2025-06-22T07:06:22.646200+00:00 Debian Importer Fixing VCID-gqte-wv6r-aaap None 36.1.3
2025-06-21T18:53:56.945100+00:00 Debian Importer Fixing VCID-n811-jg7s-aaas None 36.1.3
2025-06-21T18:39:32.045323+00:00 Debian Oval Importer Affected by VCID-n811-jg7s-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T17:12:34.853294+00:00 Debian Oval Importer Fixing VCID-9zes-c5mb-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T16:53:03.424719+00:00 Debian Oval Importer Fixing VCID-vvv9-ydkt-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T16:36:44.237765+00:00 Debian Oval Importer Fixing VCID-n811-jg7s-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:00:03.388610+00:00 Debian Oval Importer Fixing VCID-9d9b-v95v-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:02:44.580125+00:00 Debian Oval Importer Fixing VCID-gqte-wv6r-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T07:09:12.438834+00:00 Debian Importer Fixing VCID-9d9b-v95v-aaab None 36.1.3
2025-06-21T05:50:03.949619+00:00 Debian Oval Importer Affected by VCID-9zes-c5mb-aaaj None 36.1.3
2025-06-21T05:36:47.674798+00:00 Debian Oval Importer Affected by VCID-gqte-wv6r-aaap None 36.1.3
2025-06-21T03:50:24.175117+00:00 Debian Oval Importer Affected by VCID-9d9b-v95v-aaab None 36.1.3
2025-06-21T01:52:37.851948+00:00 Debian Oval Importer Affected by VCID-n811-jg7s-aaas None 36.1.3
2025-06-20T22:30:55.520627+00:00 Debian Oval Importer Fixing VCID-9d9b-v95v-aaab None 36.1.3
2025-06-20T22:26:50.820680+00:00 Debian Importer Affected by VCID-4afy-gqcp-aaag None 36.1.3
2025-06-20T21:15:50.349581+00:00 Debian Oval Importer Fixing VCID-9zes-c5mb-aaaj None 36.1.3
2025-06-20T20:47:30.234392+00:00 Debian Oval Importer Fixing VCID-gqte-wv6r-aaap None 36.1.3
2025-06-20T20:42:49.770435+00:00 Debian Oval Importer Fixing VCID-vvv9-ydkt-aaaa None 36.1.3
2025-06-20T20:41:10.752516+00:00 Debian Oval Importer Fixing VCID-n811-jg7s-aaas None 36.1.3
2025-06-20T19:50:48.623142+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar None 36.1.3
2025-06-08T13:12:36.186719+00:00 Debian Oval Importer Affected by VCID-9zes-c5mb-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:10:34.142565+00:00 Debian Oval Importer Affected by VCID-9d9b-v95v-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:09:41.312324+00:00 Debian Oval Importer Affected by VCID-n811-jg7s-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T09:54:15.905896+00:00 Debian Oval Importer Fixing VCID-9zes-c5mb-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:38:10.813273+00:00 Debian Oval Importer Fixing VCID-vvv9-ydkt-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:22:20.542031+00:00 Debian Oval Importer Fixing VCID-n811-jg7s-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T07:53:26.464938+00:00 Debian Oval Importer Fixing VCID-9d9b-v95v-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:57:39.127687+00:00 Debian Oval Importer Fixing VCID-gqte-wv6r-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-07T23:28:38.039432+00:00 Debian Oval Importer Affected by VCID-9zes-c5mb-aaaj None 36.1.0
2025-06-07T23:14:49.829480+00:00 Debian Oval Importer Affected by VCID-gqte-wv6r-aaap None 36.1.0
2025-06-07T21:25:36.614895+00:00 Debian Oval Importer Affected by VCID-9d9b-v95v-aaab None 36.1.0
2025-06-07T19:15:59.292315+00:00 Debian Oval Importer Affected by VCID-n811-jg7s-aaas None 36.1.0
2025-06-07T15:55:02.907694+00:00 Debian Oval Importer Fixing VCID-9d9b-v95v-aaab None 36.1.0
2025-06-07T14:39:57.562990+00:00 Debian Oval Importer Fixing VCID-9zes-c5mb-aaaj None 36.1.0
2025-06-07T14:18:58.095896+00:00 Debian Oval Importer Fixing VCID-gqte-wv6r-aaap None 36.1.0
2025-06-07T14:14:46.346103+00:00 Debian Oval Importer Fixing VCID-vvv9-ydkt-aaaa None 36.1.0
2025-06-07T14:13:11.173840+00:00 Debian Oval Importer Fixing VCID-n811-jg7s-aaas None 36.1.0
2025-06-05T13:57:41.960373+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar None 36.1.0
2025-04-13T03:27:25.205431+00:00 Debian Oval Importer Affected by VCID-1c6t-8uk8-53c9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:37:04.657417+00:00 Debian Oval Importer Fixing VCID-vvv9-ydkt-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:24:47.318227+00:00 Debian Oval Importer Affected by VCID-gqte-wv6r-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:00:24.516207+00:00 Debian Oval Importer Affected by VCID-9zes-c5mb-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:56:12.056956+00:00 Debian Oval Importer Affected by VCID-9d9b-v95v-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:53:09.840695+00:00 Debian Oval Importer Affected by VCID-n811-jg7s-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T08:26:29.017827+00:00 Debian Oval Importer Fixing VCID-9zes-c5mb-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:10:35.128865+00:00 Debian Oval Importer Fixing VCID-vvv9-ydkt-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T07:54:36.321782+00:00 Debian Oval Importer Fixing VCID-n811-jg7s-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:25:51.144579+00:00 Debian Oval Importer Fixing VCID-9d9b-v95v-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:29:31.088187+00:00 Debian Oval Importer Fixing VCID-gqte-wv6r-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T22:00:32.127096+00:00 Debian Oval Importer Affected by VCID-9zes-c5mb-aaaj None 36.0.0
2025-04-07T21:46:51.231603+00:00 Debian Oval Importer Affected by VCID-gqte-wv6r-aaap None 36.0.0
2025-04-07T19:54:37.430911+00:00 Debian Oval Importer Affected by VCID-9d9b-v95v-aaab None 36.0.0
2025-04-07T17:53:48.477533+00:00 Debian Oval Importer Affected by VCID-n811-jg7s-aaas None 36.0.0
2025-04-07T14:26:01.944298+00:00 Debian Oval Importer Fixing VCID-9d9b-v95v-aaab None 36.0.0
2025-04-07T13:12:02.261176+00:00 Debian Oval Importer Fixing VCID-9zes-c5mb-aaaj None 36.0.0
2025-04-07T12:51:42.718610+00:00 Debian Oval Importer Fixing VCID-gqte-wv6r-aaap None 36.0.0
2025-04-07T12:47:48.946369+00:00 Debian Oval Importer Fixing VCID-vvv9-ydkt-aaaa None 36.0.0
2025-04-07T12:46:18.743993+00:00 Debian Oval Importer Fixing VCID-n811-jg7s-aaas None 36.0.0
2025-04-07T03:50:48.078887+00:00 Debian Importer Fixing VCID-sbb7-mwc2-aaar None 36.0.0
2025-04-06T15:54:47.145748+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-06T06:23:03.030352+00:00 Debian Importer Affected by VCID-n5sx-hd4y-aaap None 36.0.0
2025-04-06T00:45:41.689606+00:00 Debian Importer Fixing VCID-gqte-wv6r-aaap None 36.0.0
2025-04-05T15:03:28.061144+00:00 Debian Importer Fixing VCID-n811-jg7s-aaas None 36.0.0
2025-04-05T04:25:30.496959+00:00 Debian Importer Fixing VCID-9d9b-v95v-aaab None 36.0.0
2025-04-04T01:05:30.617325+00:00 Debian Importer Affected by VCID-4afy-gqcp-aaag None 36.0.0
2025-04-03T22:56:33.792451+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar None 36.0.0
2025-02-21T08:53:04.591752+00:00 Debian Importer Affected by VCID-n5sx-hd4y-aaap None 35.1.0
2025-02-21T08:46:17.512034+00:00 Debian Importer Affected by VCID-4afy-gqcp-aaag None 35.1.0
2025-02-20T21:55:15.893038+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-20T21:55:12.341483+00:00 Debian Importer Fixing VCID-sbb7-mwc2-aaar None 35.1.0
2025-02-20T21:55:10.986153+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar None 35.1.0
2025-02-20T19:43:59.204667+00:00 Debian Importer Fixing VCID-gqte-wv6r-aaap None 35.1.0
2025-02-20T19:43:57.338861+00:00 Debian Importer Fixing VCID-n811-jg7s-aaas None 35.1.0
2025-02-20T19:43:54.010147+00:00 Debian Importer Fixing VCID-9d9b-v95v-aaab None 35.1.0
2024-11-23T22:40:55.096409+00:00 Debian Importer Affected by VCID-n5sx-hd4y-aaap None 35.0.0
2024-11-23T14:17:19.095720+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar https://security-tracker.debian.org/tracker/data/json 35.0.0
2024-11-23T14:17:15.686038+00:00 Debian Importer Fixing VCID-sbb7-mwc2-aaar None 35.0.0
2024-11-23T14:17:14.302897+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar None 35.0.0
2024-10-10T20:22:30.329425+00:00 Debian Importer Affected by VCID-n5sx-hd4y-aaap None 34.0.2
2024-10-10T12:01:50.712516+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar https://security-tracker.debian.org/tracker/data/json 34.0.2
2024-10-10T12:01:47.194919+00:00 Debian Importer Fixing VCID-sbb7-mwc2-aaar None 34.0.2
2024-10-10T12:01:45.690080+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar None 34.0.2
2024-09-20T01:30:19.610475+00:00 Debian Importer Affected by VCID-n5sx-hd4y-aaap None 34.0.1
2024-09-19T18:38:25.988300+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar https://security-tracker.debian.org/tracker/data/json 34.0.1
2024-09-19T18:38:22.569865+00:00 Debian Importer Fixing VCID-sbb7-mwc2-aaar None 34.0.1
2024-09-19T18:38:21.195863+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar None 34.0.1
2024-04-26T01:07:50.800078+00:00 Debian Importer Affected by VCID-n5sx-hd4y-aaap None 34.0.0rc4
2024-04-26T01:02:19.354958+00:00 Debian Importer Affected by VCID-4afy-gqcp-aaag None 34.0.0rc4
2024-04-25T15:25:55.282503+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-25T15:25:06.758209+00:00 Debian Importer Fixing VCID-sbb7-mwc2-aaar None 34.0.0rc4
2024-04-25T15:25:05.074742+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar None 34.0.0rc4
2024-04-25T13:46:25.379624+00:00 Debian Importer Fixing VCID-gqte-wv6r-aaap None 34.0.0rc4
2024-04-25T13:46:23.553737+00:00 Debian Importer Fixing VCID-n811-jg7s-aaas None 34.0.0rc4
2024-04-25T13:46:19.861183+00:00 Debian Importer Fixing VCID-9d9b-v95v-aaab None 34.0.0rc4
2024-01-12T11:20:03.893046+00:00 Debian Importer Affected by VCID-n5sx-hd4y-aaap None 34.0.0rc2
2024-01-12T11:00:05.087243+00:00 Debian Importer Affected by VCID-4afy-gqcp-aaag None 34.0.0rc2
2024-01-11T18:10:43.357242+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-11T18:10:35.576761+00:00 Debian Importer Fixing VCID-sbb7-mwc2-aaar None 34.0.0rc2
2024-01-11T18:10:31.941536+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar None 34.0.0rc2
2024-01-11T15:32:17.614373+00:00 Debian Importer Fixing VCID-gqte-wv6r-aaap None 34.0.0rc2
2024-01-11T15:32:15.607356+00:00 Debian Importer Fixing VCID-n811-jg7s-aaas None 34.0.0rc2
2024-01-11T15:32:10.630401+00:00 Debian Importer Fixing VCID-9d9b-v95v-aaab None 34.0.0rc2
2024-01-05T07:40:32.103833+00:00 Debian Importer Affected by VCID-n5sx-hd4y-aaap None 34.0.0rc1
2024-01-05T07:36:42.100368+00:00 Debian Importer Affected by VCID-4afy-gqcp-aaag None 34.0.0rc1
2024-01-05T02:14:57.626738+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-05T02:14:51.933573+00:00 Debian Importer Fixing VCID-sbb7-mwc2-aaar None 34.0.0rc1
2024-01-05T02:14:50.221253+00:00 Debian Importer Affected by VCID-sbb7-mwc2-aaar None 34.0.0rc1
2024-01-05T00:57:11.738888+00:00 Debian Importer Fixing VCID-gqte-wv6r-aaap None 34.0.0rc1
2024-01-05T00:57:09.877776+00:00 Debian Importer Fixing VCID-n811-jg7s-aaas None 34.0.0rc1
2024-01-05T00:57:06.032641+00:00 Debian Importer Fixing VCID-9d9b-v95v-aaab None 34.0.0rc1