Amazon Linux 2 — freetype — multiple vulnerabilities (6 CVEs) — patch and remediation guide
🟠 High ⏱ 15–60 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2025-2806 Related CVEs: CVE-2025-23022 CVE-2025-27363 CVE-2020-15999 CVE-2022-27404 CVE-2022-27405 CVE-2022-27406 Upstream summary: FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c. (CVE-2025-23022) An out of bounds write exists in […]