Freetype: community verdicts
3 notable / known-exploited Freetype CVEs the community has triaged.
ⓘ Not an exhaustive list: we focus on the findings that matter (exploited / notable). For every Freetype CVE, see NVD ↗.
- CVE-2020-15999CRIT 9.6KEVEPSS 51%
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-27406HIGH 7.5Real · low riskEPSS 3%
FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.
- CVE-2022-27405HIGH 7.5Real · low riskEPSS 3%
FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.