CVE-2018-6942

Опубликовано: 13 фев. 2018

Источник: debian

EPSS Низкий

Описание

An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
freetype	fixed	2.9.1-3		package
freetype	not-affected		stretch	package
freetype	not-affected		jessie	package
freetype	not-affected		wheezy	package

Примечания

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736
https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef

EPSS

Процентиль: 49%

0.00258

Низкий

Связанные уязвимости

CVE-2018-6942

CVSS3: 6.5

ubuntu

почти 8 лет назад

An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.

CVE-2018-6942

CVSS3: 3.3

redhat

около 8 лет назад

An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.

CVE-2018-6942

CVSS3: 6.5

nvd

почти 8 лет назад

An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.

openSUSE-SU-2020:0704-1

suse-cvrf

больше 5 лет назад

Security update for freetype2

SUSE-SU-2020:1353-1

suse-cvrf

больше 5 лет назад

Security update for freetype2

EPSS

Процентиль: 49%

0.00258

Низкий