Lucene search

Veracode Vulnerability DatabaseVERACODE:31142

HistoryJul 06, 2021 - 7:45 a.m.

Denial Of Service (DoS)

2021-07-0607:45:37

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

freetype

denial of service

vulnerability

tt_cmap14_validate

sfnt/ttcmap.c

heap-based buffer over-read

application crash

EPSS

0.004

Percentile

73.3%

JSON

freetype is vulnerable to denial of service. A heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c allows an attacker to crash the application.

References

git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=57cbb8c148999ba8f14ed53435fc071ac9953afd

lists.debian.org/debian-lts-announce/2019/09/msg00002.html

savannah.nongnu.org/bugs/?46346

usn.ubuntu.com/4126-1/

usn.ubuntu.com/4126-2/

EPSS

0.004

Percentile

73.3%

JSON

Related for VERACODE:31142