VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
epss	0.03154	https://api.first.org/data/v1/epss?cve=CVE-2010-2520
epss	0.03154	https://api.first.org/data/v1/epss?cve=CVE-2010-2520
epss	0.03154	https://api.first.org/data/v1/epss?cve=CVE-2010-2520
epss	0.03154	https://api.first.org/data/v1/epss?cve=CVE-2010-2520
epss	0.03154	https://api.first.org/data/v1/epss?cve=CVE-2010-2520
epss	0.03154	https://api.first.org/data/v1/epss?cve=CVE-2010-2520
epss	0.03154	https://api.first.org/data/v1/epss?cve=CVE-2010-2520
epss	0.03154	https://api.first.org/data/v1/epss?cve=CVE-2010-2520
epss	0.03154	https://api.first.org/data/v1/epss?cve=CVE-2010-2520
cvssv2	5.1	https://nvd.nist.gov/vuln/detail/CVE-2010-2520

System

Score

Found at

epss

0.03154

https://api.first.org/data/v1/epss?cve=CVE-2010-2520

epss

0.03154

https://api.first.org/data/v1/epss?cve=CVE-2010-2520

epss

0.03154

https://api.first.org/data/v1/epss?cve=CVE-2010-2520

epss

0.03154

https://api.first.org/data/v1/epss?cve=CVE-2010-2520

epss

0.03154

https://api.first.org/data/v1/epss?cve=CVE-2010-2520

epss

0.03154

https://api.first.org/data/v1/epss?cve=CVE-2010-2520

epss

0.03154

https://api.first.org/data/v1/epss?cve=CVE-2010-2520

epss

0.03154

https://api.first.org/data/v1/epss?cve=CVE-2010-2520

epss

0.03154

https://api.first.org/data/v1/epss?cve=CVE-2010-2520

cvssv2

5.1

https://nvd.nist.gov/vuln/detail/CVE-2010-2520

Reference id

Reference type

URL

http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=888cd1843e935fe675cf2ac303116d4ed5b9d54b

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html

http://marc.info/?l=oss-security&m=127905701201340&w=2

http://marc.info/?l=oss-security&m=127909326909362&w=2

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2520.json

https://api.first.org/data/v1/epss?cve=CVE-2010-2520

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2520

http://secunia.com/advisories/48951

https://savannah.nongnu.org/bugs/?30361

http://support.apple.com/kb/HT4435

http://www.debian.org/security/2010/dsa-2070

http://www.mandriva.com/security/advisories?name=MDVSA-2010:137

http://www.ubuntu.com/usn/USN-963-1

613198

https://bugzilla.redhat.com/show_bug.cgi?id=613198

cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

CVE-2010-2520

https://nvd.nist.gov/vuln/detail/CVE-2010-2520

GLSA-201201-09

https://security.gentoo.org/glsa/201201-09

USN-963-1

https://usn.ubuntu.com/963-1/

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:00:57.376423+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/201201-09	38.0.0

2026-04-01T13:00:57.376423+00:00

Gentoo Importer

Import

https://security.gentoo.org/glsa/201201-09

38.0.0

Vulnerability ID	VCID-tyhk-9jvd-y7bj
Aliases	CVE-2010-2520
Summary	Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service.
Status	Published
Exploitability	0.5
Weighted Severity	4.6
Risk	2.3
Affected and Fixed Packages	Package Details

CWE-228	Improper Handling of Syntactically Invalid Structure
CWE-122	Heap-based Buffer Overflow
CWE-787	Out-of-bounds Write

Percentile	0.86848
EPSS Score	0.03154
Published At	April 1, 2026, 12:55 p.m.