librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.
CPE | Name | Operator | Version |
---|---|---|---|
debian_linux | eq | 8.0 | |
librsvg | le | 2.40.11 |