CVE-2016-10328

FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cffparserrun function in cff/cffparse.c.

References

Affected packages

Git / github.com/aseprite/freetype2

Affected ranges

Type

GIT

Repo

https://github.com/aseprite/freetype2

Events

Introduced

Last affected

d2d5968aed5bc264c885c54d0a50e5355808ab78

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.7"
        }
    ]
}

Affected versions

Other

BETA-5

BETA-6

BETA-7

BETA-8

DATE-050920

PRE-2-0-1

PRE-2-0-6

RELEASE-2-0

VER-2-0

VER-2-0-1

VER-2-0-2

VER-2-0-2-TEST

VER-2-0-3

VER-2-0-4

VER-2-0-5

VER-2-0-6

VER-2-0-7

VER-2-0-8

VER-2-1-0

VER-2-1-1

VER-2-1-1-RC1

VER-2-1-10

VER-2-1-2

VER-2-1-2-RC1

VER-2-1-3

VER-2-1-3-RC1

VER-2-1-3-RC2

VER-2-1-3-RC3

VER-2-1-4

VER-2-1-4-RC1

VER-2-1-4-RC2

VER-2-1-5-RC1

VER-2-1-6

VER-2-1-7

VER-2-1-8

VER-2-1-8-RC1

VER-2-1-9

VER-2-2-0

VER-2-2-0-RC1

VER-2-2-0-RC2

VER-2-2-0-RC3

VER-2-2-0-RC4

VER-2-2-1

VER-2-3-0

VER-2-3-0-FINAL

VER-2-3-0-RC1

VER-2-3-0-RC2

VER-2-3-1

VER-2-3-1-FINAL

VER-2-3-10

VER-2-3-11

VER-2-3-12

VER-2-3-2

VER-2-3-3

VER-2-3-4

VER-2-3-5

VER-2-3-5-REAL

VER-2-3-6

VER-2-3-7

VER-2-3-8

VER-2-3-9

VER-2-4-0

VER-2-4-1

VER-2-4-10

VER-2-4-11

VER-2-4-12

VER-2-4-12-beta

VER-2-4-2

VER-2-4-3

VER-2-4-4

VER-2-4-5

VER-2-4-6

VER-2-4-7

VER-2-4-8

VER-2-4-9

VER-2-5-0

VER-2-5-0-1

VER-2-5-1

VER-2-5-2

VER-2-5-3

VER-2-5-4

VER-2-5-5

VER-2-6

VER-2-6-1

VER-2-6-2

VER-2-6-3

VER-2-6-4

VER-2-6-5

VER-2-7

VER-2-BETA2

VER-2-BETA3

VER-2-BETA4

freetype

freetype2

import

start

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10328.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.5.4"
            }
        ]
    }
]