CVE-2023-2004

Опубликовано: 14 нояб. 2022

Источник: redhat

CVSS3: 0

Описание

An integer overflow vulnerability was discovered in Freetype in tt_hvadvance_adjust() function in src/truetype/ttgxvar.c. This flaw causes an application to crash or leads to a denial of service.

Отчет

Red Hat Product Security does not consider this to be a vulnerability.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat build of OpenJDK 1.8	java-11-openjdk-portable	Affected
Red Hat Enterprise Linux 6	freetype	Out of support scope
Red Hat Enterprise Linux 7	freetype	Out of support scope
Red Hat Enterprise Linux 8	freetype	Will not fix
Red Hat Enterprise Linux 8	java-11-openjdk	Affected
Red Hat Enterprise Linux 8	java-17-openjdk	Affected
Red Hat Enterprise Linux 9	freetype	Will not fix
Red Hat Enterprise Linux 9	java-11-openjdk	Affected
Red Hat Enterprise Linux 9	java-17-openjdk	Affected
Red Hat Enterprise Linux 9	libreoffice:flatpak/java-11-openjdk	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Дефект:

CWE-190

https://bugzilla.redhat.com/show_bug.cgi?id=2186428freetype: integer overflowin in tt_hvadvance_adjust() in src/truetype/ttgxvar.c

0 Low

CVSS3

Связанные уязвимости

CVE-2023-2004

ubuntu

почти 3 года назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE-2023-2004

nvd

почти 3 года назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.