13 matches found
openSUSE: Security Advisory for python (openSUSE-SU-2023:0260-1)
The remote host is missing an update for the...
openSUSE: Security Advisory for python (openSUSE-SU-2023:0272-1)
The remote host is missing an update for the...
openSUSE 15 Security Update : python-CairoSVG (openSUSE-SU-2023:0272-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0272-1 advisory. - CairoSVG is a Python PyPI package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression...
Security update for python-CairoSVG (moderate)
openSUSE Security Update: Security update for python-CairoSVG Announcement ID: openSUSE-SU-2023:0272-1 Rating: moderate References: 1180648 1209538 Cross-References: CVE-2021-21236 CVE-2023-27586 CVSS scores: CVE-2021-21236 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2023-27586 NVD...
openSUSE 15 Security Update : python-CairoSVG (openSUSE-SU-2023:0260-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0260-1 advisory. - CairoSVG is a Python PyPI package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression...
Security update for python-CairoSVG (moderate)
openSUSE Security Update: Security update for python-CairoSVG Announcement ID: openSUSE-SU-2023:0260-1 Rating: moderate References: 1180648 1209538 Cross-References: CVE-2021-21236 CVE-2023-27586 CVSS scores: CVE-2021-21236 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2023-27586 NVD...
Updated python-cairosvg packages fix security vulnerability
When processing SVG files, the Python package CairoSVG uses two regular expressions which are vulnerable to Regular Expression Denial of Service (REDoS). If an attacker provides a malicious SVG, it can make cairosvg get stuck processing the file for a very long time (CVE-2021-21236)...
CVE-2021-21236
creationtimestamp | type | source
---|---|---
2021-01-06 20:41:22+00:00 | seen | https://t.me/cibsecurity/21687...
CVE-2021-21236
CairoSVG is a Python PyPI package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service (REDoS) vulnerability. When processing SVG files, the Python package CairoSVG uses two regular expressions which are vulnerable to Regula...
buildbot-badges (>=1.7.0 <=1.8.2), cico (>=0.1.0 <=0.1.8) +9 more potentially affected by CVE-2021-21236 via cairosvg (>=0.5.0 <=2.5.0)
cairosvg PYPI version =0.5.0, =1.7.0, =0.1.0, =0.1.0, =2.11.0, =0.0.1, =1.0.0, =0.1.0, =1.0.0, =1.1.0 - wiking =2.2.1 Source cves: CVE-2021-21236 Source advisory: OSV:PYSEC-2021-5...
CVE-2021-21236
CVE-2021-21236 affects CairoSVG (Python) prior to 2.5.1, where two regular expressions enable a Regular Expression Denial of Service (REDoS) during SVG processing. An attacker could craft a malicious SVG to cause prolonged processing time, potentially impacting availability. The vulnerability is ...
CVE-2021-21236 Regular Expression Denial of Service in CairoSVG
CairoSVG is a Python PyPI package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service (REDoS) vulnerability. When processing SVG files, the Python package CairoSVG uses two regular expressions which are vulnerable to Regula...
buildbot-badges (>=1.7.0 <=1.8.2), cico (>=0.1.0 <=0.1.8) +9 more potentially affected by CVE-2021-21236 via cairosvg (>=0.5.0 <=2.5.0)
cairosvg PYPI version =0.5.0, =1.7.0, =0.1.0, =0.1.0, =2.11.0, =0.0.1, =1.0.0, =0.1.0, =1.0.0, =1.1.0 - wiking =2.2.1 Source cves: CVE-2021-21236 Source advisory: OSV:GHSA-HQ37-853P-G5CF...