VDB
GCVE-VVD-MAGEIA-2025-99
GCVE-VVD-MAGEIA-2025-99
Advisory Published
An out of bounds write exists in FreeType versions 2.13.0 and below
when attempting to parse font subglyph structures related to TrueType
GX and variable font files which may result in arbitrary code execution.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | gspell | 0 (affected), 1.12.1-1.1.mga9 (unaffected) | — |
| Mageia | libcdr | 0 (affected), 0.1.7-5.1.mga9 (unaffected) | — |
| Mageia | 0ad | 0 (affected), 0.0.26-3.1.mga9 (unaffected) | — |
| Mageia | c-icap-modules-classify | 0 (affected), 20180416-15.1.mga9 (unaffected) | — |
| Mageia | enchant2 | 0 (affected), 2.3.3-2.1.mga9 (unaffected) | — |
| Mageia | gnustep-base | 0 (affected), 1.28.0-2.1.mga9 (unaffected) | — |
| Mageia | gnustep-gui | 0 (affected), 0.28.0-10.1.mga9 (unaffected) | — |
| Mageia | konsole | 0 (affected), 23.04.3-1.1.mga9 (unaffected) | — |
| Mageia | qtwebengine5 | 0 (affected), 5.15.10-8.1.mga9 (unaffected) | — |
| Mageia | qtwebengine6 | 0 (affected), 6.4.1-5.1.mga9 (unaffected) | — |
| Mageia | performous | 0 (affected), 1.2.0-6.1.mga9 (unaffected) | — |
| Mageia | plasma-workspace | 0 (affected), 5.27.10-1.3.mga9 (unaffected) | — |
| Mageia | R-base | 0 (affected), 4.3.3-1.1.mga9 (unaffected) | — |
| Mageia | scribus | 0 (affected), 1.5.8-11.1.mga9 (unaffected) | — |
| Mageia | strawberry | 0 (affected), 1.0.17-1.1.mga9 (unaffected) | — |
| Mageia | subtitlecomposer | 0 (affected), 0.7.1-3.1.mga9 (unaffected) | — |
| Mageia | mpd | 0 (affected), 0.23.11-4.1.mga9 (unaffected), 0 (affected), 0.23.11-4.1.mga9.tainted (unaffected) | — |
| Mageia | freetype2 | 0 (affected), 2.13.0-1.2.mga9 (unaffected), 0 (affected), 2.13.0-1.2.mga9.tainted (unaffected), 0 (affected), 2.13.0-1.2.mga9 (unaffected), 0 (affected), 2.13.0-1.2.mga9.tainted (unaffected) | — |
References
Browse GCVE Records
73,393 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.