{"id":"CVE-2015-9383","details":"FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c.","modified":"2026-04-10T03:46:36.777384Z","published":"2019-09-03T05:15:10Z","references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html"},{"type":"ADVISORY","url":"https://savannah.nongnu.org/bugs/?46346"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4126-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4126-2/"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html"},{"type":"EVIDENCE","url":"https://savannah.nongnu.org/bugs/?46346"},{"type":"FIX","url":"http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=57cbb8c148999ba8f14ed53435fc071ac9953afd"},{"type":"REPORT","url":"https://savannah.nongnu.org/bugs/?46346"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}