Segmentation Violation in FreeType Affected by Vendor Software
CVE-2022-27405

7.5HIGH

Key Information:

Vendor: Freetype
Status: Freetype
Vendor: CVE Published:; 22 April 2022

Summary

A segmentation violation was identified in FreeType via the function FNT_Size_Request. This issue can disrupt normal software operation, potentially leading to unexpected behavior or crashes in applications relying on the FreeType library for font rendering. Users and administrators are advised to review the vendor advisory and apply necessary patches to mitigate any potential impact.

References

http://freetype.com

https://gitlab.freedesktop.org/freetype/freetype/-/issues...

https://lists.fedoraproject.org/archives/list/package-ann...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 22, 2022
Vulnerability Reserved
Mar 21, 2022