PT-2026-22623 · Freetype+4

Povcfe · Published 2026-01-01 · Updated 2026-05-29 · CVE-2026-23865

CVSS v2.0: 5.4 (Medium)

Vector: AV:N/AC:H/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Freetype versions 2.13.2 and 2.13.3

Description: An integer overflow in the tt_var_load_item_variation_store function may allow an out-of-bounds read when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts.

Recommendations: Update to version 2.14.2 or later.

Fix

DoS

Out of bounds Read

Weakness Enumeration

Related Identifiers

ALSA-2026:9683
ALSA-2026:9686
ALSA-2026:9689
ALSA-2026:9693
AZL-78518
AZL-78701
BDU:2026-06615
BIT-JAVA-2026-23865
BIT-JAVA-MIN-2026-23865
BIT-JRE-2026-23865
CLEANSTART-2026-KV09488
CVE-2026-23865
ECHO-7BC9-C663-1FEF
JLSEC-2026-461
OESA-2026-1574
OESA-2026-1575
OESA-2026-1576
OESA-2026-1577
OPENSUSE-SU-2026:10289-1
OPENSUSE-SU-2026:10636-1
OPENSUSE-SU-2026:10637-1
OPENSUSE-SU-2026:10638-1
OPENSUSE-SU-2026:10639-1
OPENSUSE-SU-2026:10656-1
OPENSUSE-SU-2026:10728-1
OPENSUSE-SU-2026:10893-1
OPENSUSE-SU-2026:20672-1
OPENSUSE-SU-2026:20680-1
OPENSUSE-SU-2026:20681-1
RHSA-2026:7933
RHSA-2026:9254
RHSA-2026:9682
RHSA-2026:9683
RHSA-2026:9686
RHSA-2026:9689
RHSA-2026:9693
SUSE-SU-2026:1703-1
SUSE-SU-2026:1704-1
SUSE-SU-2026:1705-1
SUSE-SU-2026:1731-1
SUSE-SU-2026:1732-1
SUSE-SU-2026:1955-1
SUSE-SU-2026:2036-1
SUSE-SU-2026:20726-1
SUSE-SU-2026:20730-1
SUSE-SU-2026:21543-1
SUSE-SU-2026:21551-1
SUSE-SU-2026:21552-1
USN-8086-1
USN-8327-1
USN-8328-1
USN-8330-1
USN-8331-1
USN-8332-1
USN-8333-1
USN-8334-1
USN-8339-1
USN-8341-1

Affected Products

Freetype
Java Platform
Linuxmint
Rocky Linux
Ubuntu