CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
84.2%
FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently.
Security Fix(es):
FreeType: Buffer overflow in sfnt_init_face (CVE-2022-27404)
FreeType: Segmentation violation via FNT_Size_Request (CVE-2022-27405)
Freetype: Segmentation violation via FT_Request_Size (CVE-2022-27406)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 9 | i686 | freetype-debugsource | < 2.10.4-9.el9 | freetype-debugsource-2.10.4-9.el9.i686.rpm |
RedHat | 9 | ppc64le | freetype-devel | < 2.10.4-9.el9 | freetype-devel-2.10.4-9.el9.ppc64le.rpm |
RedHat | 9 | i686 | freetype-demos-debuginfo | < 2.10.4-9.el9 | freetype-demos-debuginfo-2.10.4-9.el9.i686.rpm |
RedHat | 9 | i686 | freetype-debuginfo | < 2.10.4-9.el9 | freetype-debuginfo-2.10.4-9.el9.i686.rpm |
RedHat | 9 | s390x | freetype-debuginfo | < 2.10.4-9.el9 | freetype-debuginfo-2.10.4-9.el9.s390x.rpm |
RedHat | 9 | x86_64 | freetype-debugsource | < 2.10.4-9.el9 | freetype-debugsource-2.10.4-9.el9.x86_64.rpm |
RedHat | 9 | aarch64 | freetype-demos-debuginfo | < 2.10.4-9.el9 | freetype-demos-debuginfo-2.10.4-9.el9.aarch64.rpm |
RedHat | 9 | aarch64 | freetype-debuginfo | < 2.10.4-9.el9 | freetype-debuginfo-2.10.4-9.el9.aarch64.rpm |
RedHat | 9 | ppc64le | freetype-debuginfo | < 2.10.4-9.el9 | freetype-debuginfo-2.10.4-9.el9.ppc64le.rpm |
RedHat | 9 | ppc64le | freetype | < 2.10.4-9.el9 | freetype-2.10.4-9.el9.ppc64le.rpm |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
84.2%