{"id":"JLSEC-2026-127","details":"SDL_ttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTF_RenderText_Solid(). This vulnerability is triggered via a crafted TTF file.","modified":"2026-04-17T14:00:06.207003Z","published":"2026-04-17T13:51:45.880Z","upstream":["CVE-2022-27470"],"database_specific":{"sources":[{"imported":"2026-04-17T13:39:46.371Z","database_specific":{"status":"Modified"},"published":"2022-05-04T03:15:07.627Z","modified":"2024-11-21T06:55:47.183Z","id":"CVE-2022-27470","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27470","url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2022-27470"}],"license":"CC-BY-4.0"},"references":[{"type":"WEB","url":"https://github.com/libsdl-org/SDL_ttf/commit/db1b41ab8bde6723c24b866e466cad78c2fa0448"},{"type":"WEB","url":"https://github.com/libsdl-org/SDL_ttf/issues/187"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EAGMQMRQDTZFQW64JEW3O6HY3JYLAAHT/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RXI3MDPR24W5557G34YHWOP2MOK6BTGB/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPYTEBBNHCDGPVFACC5RC5K2FZUCYTPZ/"},{"type":"WEB","url":"https://github.com/libsdl-org/SDL_ttf/commit/db1b41ab8bde6723c24b866e466cad78c2fa0448"},{"type":"WEB","url":"https://github.com/libsdl-org/SDL_ttf/issues/187"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EAGMQMRQDTZFQW64JEW3O6HY3JYLAAHT/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RXI3MDPR24W5557G34YHWOP2MOK6BTGB/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPYTEBBNHCDGPVFACC5RC5K2FZUCYTPZ/"}],"affected":[{"package":{"name":"SDL2_ttf_jll","ecosystem":"Julia","purl":"pkg:julia/SDL2_ttf_jll?uuid=ca9d4746-8a27-5104-babe-80f83b336947"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"2.24.0+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-127.json"}}],"schema_version":"1.7.5"}