Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
N/A
Vulnerability Title
FreeType 安全漏洞
Vulnerability Description
FreeType是FreeType开源的一款开源字体渲染库。 Freetype 2.13.2版本和2.13.3版本存在安全漏洞,该漏洞源于tt_var_load_item_variation_store函数存在整数溢出,可能导致解析OpenType可变字体中的HVAR/VVAR/MVAR表时发生越界读取。
CVSS Information
N/A
Vulnerability Type
N/A