CVE-2022-27470

Published May 4th, 2022

View on NVD ↗

CVSS v3

7.8

HIGH

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

SDL_ttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTF_RenderText_Solid(). This vulnerability is triggered via a crafted TTF file.

libsdl-org/SDL_ttf

Support for TrueType (.ttf) font files with Simple Directmedia Layer.

GitHub

716