Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
- Snyk ID SNYK-ORACLE8-FREETYPE-3119772
- published 16 Nov 2022
- disclosed 22 Apr 2022
How to fix?
freetype to version 0:2.9.1-9.el8 or higher.
This issue was patched in
Note: Versions mentioned in the description apply only to the upstream
freetype package and not the
freetype package as distributed by
How to fix? for
Oracle:8 relevant fixed versions and status.
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.