Skip to content

skia-python vendors vulnerable libfreetype because of pinned cibuildwheel version

High
kyamagu published GHSA-2mhw-8qcg-gr96 Mar 19, 2026

Package

pip skia-python (pip)

Affected versions

<=144.0

Patched versions

144.0.post1

Description

Impact

The Linux wheels for skia-python vendor a vulnerable version of
libfreetype that is affected by CVE-2025-27363 [1].

The root cause is a chain of unfortunate events:

  1. skia-python builds wheels using pinned pypa/cibuildwheel@2.21.3 [2]

  2. cibuildwheel 2.21.3 in turn pins manylinux container images [3]

  3. In these images, version 2.9.1-9.el8 of RedHat package freetype is
    preinstalled. This package version is vulnerable and has since been
    patched in 2.9.1-10.

  4. During the skia-python Linux build, libfreetype is vendored from the
    system, resulting in skia-python.libs/libfreetype-29a7443c.so.6.16.1

[ To find the provenance of your vendored libfreetype, we extracted the
8-character hash of the original binary file that is added during the
build process (29a7443c), and matched it against our database of hashes
all historic Red Hat, Debian and Ubuntu releases of freetype. ]

  1. Because freetype is only a transitive dependency of the packages
    explicitly installed by the build script [4], it is not upgraded to the
    patched version [4].

  2. As a result, the published wheels embed a vulnerable libfreetype,
    even though patched packages are available upstream.

This appears to be a broader manylinux ecosystem issue. The base images
do not enforce that yum update runs on container start, so
preinstalled libraries may remain vulnerable indefinitely.

Patches

In the case of skia-python, the solution is to explicitly install freetype in the build process and rebuild the wheels.

The original report was suggesting the above, but in the current build_Linux.sh script, the patched freetype-devel version 2.9.1-10 gets installed as a dependency. It's just that we need to rebuild the wheel for a new release.

Workarounds

Users must upgrade the wheel package after release.

References

  1. https://nvd.nist.gov/vuln/detail/CVE-2025-27363

  2. skia-python/.github/workflows/ci.yml

    Line 38 in 9ffb045

    uses: pypa/cibuildwheel@v2.21.3
  3. https://github.com/pypa/cibuildwheel/blob/v2.21.3/cibuildwheel/resources/pinned_docker_images.cfg

  4. skia-python/scripts/build_Linux.sh

    Line 6 in 9ffb045

    yum install -y \

Severity

High

CVSS overall score

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS).
/ 10

CVSS v3 base metrics

Attack vector
Network
Attack complexity
High
Privileges required
None
User interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

CVSS v3 base metrics

Attack vector: More severe the more the remote (logically and physically) an attacker can be in order to exploit the vulnerability.
Attack complexity: More severe for the least complex attacks.
Privileges required: More severe if no privileges are required.
User interaction: More severe when no user interaction is required.
Scope: More severe when a scope change occurs, e.g. one vulnerable component impacts resources in components beyond its security scope.
Confidentiality: More severe when loss of data confidentiality is highest, measuring the level of data access available to an unauthorized user.
Integrity: More severe when loss of data integrity is the highest, measuring the consequence of data modification possible by an unauthorized user.
Availability: More severe when the loss of impacted component availability is highest.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE ID

CVE-2025-27363

Weaknesses

No CWEs