Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
CVE-2015-9381
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2015-9381
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2015-9381.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2015-9381
Downstream
DEBIAN-CVE-2015-9381
DLA-1909-1
RHSA-2018:3140
RHSA-2019:4254
UBUNTU-CVE-2015-9381
USN-4126-2
Published
2019-09-03T05:15:10Z
Modified
2025-08-09T20:01:27Z
Severity
8.8 (High)
CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS Calculator
Summary
[none]
Details
FreeType before 2.6.1 has a heap-based buffer over-read in T1
Get
Private_Dict in type1/t1parse.c.
References
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=7962a15d64c876870ca0ae435ea2467d9be268d9
https://access.redhat.com/errata/RHSA-2019:4254
https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html
https://savannah.nongnu.org/bugs/?45955
https://usn.ubuntu.com/4126-2/
Affected packages
CVE-2015-9381 - OSV