FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
458df97f-1440-11eb-aaec-e0d55e2a8bf9freetype2 -- heap buffer overlfow

The freetype project reports:

A heap buffer overflow has been found in the handling of embedded PNG bitmaps, introduced in FreeType version 2.6.


Discovery 2020-10-20
Entry 2020-10-22
freetype2
< 2.10.4

https://sourceforge.net/projects/freetype/files/freetype2/2.10.4/
CVE-2020-15999
567beb1e-7e0a-11e4-b9cc-bcaec565249cfreetype -- Out of bounds stack-based read/write

Werner LEMBERG reports:

The fix for CVE-2014-2240 was not 100% complete to fix the issue from the CVE completly.


Discovery 2014-12-07
Entry 2014-12-07
freetype2
< 2.5.4

http://lists.nongnu.org/archive/html/freetype-announce/2014-12/msg00000.html
CVE-2014-2240
4a088d67-3af2-11e7-9d75-c86000169601freetype2 -- buffer overflows

Werner Lemberg reports:

CVE-2017-8105, CVE-2017-8287: Older FreeType versions have out-of-bounds writes caused by heap-based buffer overflows related to Type 1 fonts.


Discovery 2017-05-17
Entry 2017-05-17
freetype2
< 2.8

http://lists.nongnu.org/archive/html/freetype-announce/2017-05/msg00000.html
CVE-2017-8105
CVE-2017-8287
1a0de610-a761-11e3-95fe-bcaec565249cfreetype2 -- Out of bounds read/write

Mateusz Jurczyk reports:

Out of bounds stack-based read/write in cf2_hintmap_build.

This is a critical vulnerability in the CFF Rasterizer code recently contributed by Adobe, leading to potential arbitrary code execution in the context of the FreeType2 library client.


Discovery 2014-02-25
Entry 2014-03-09
freetype2
< 2.5.3

http://savannah.nongnu.org/bugs/?41697