Lucene search
K

123 matches found

Fedora
Fedora
added 2021/01/16 1:23 a.m.50 views

[SECURITY] Fedora 32 Update: python-cairosvg-2.4.2-4.fc32

CairoSVG is a SVG 1.1 to PNG, PDF, PS and SVG converter which can also be u sed as a Python library...

1.4AI score
Exploits0
OpenVAS
OpenVAS
added 2021/01/16 12:0 a.m.9 views

Fedora: Security Advisory for python-cairosvg (FEDORA-2021-8537865fb5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
ArchLinux
ArchLinux
added 2021/01/12 12:0 a.m.136 views

[ASA-202101-12] python-cairosvg: denial of service

Arch Linux Security Advisory ASA-202101-12 ========================================== Severity: Low Date : 2021-01-12 CVE-ID : CVE-2021-21236 Package : python-cairosvg Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-1412 Summary ======= The package python-cairosvg...

5.7CVSS2.5AI score0.01466EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/01/11 12:0 a.m.10 views

FreeBSD : CairoSVG -- Regular Expression Denial of Service vulnerability (a3cef1e6-51d8-11eb-9b8d-08002728f74c)

CairoSVG security advisories : When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regular Expression Denial of Service REDoS. If an attacker provides a malicious SVG, it can make cairosvg get stuck processing the file for a very long time. ...

5.4AI score
Exploits0References2
OSV
OSV
added 2021/01/06 5:15 p.m.24 views

CVE-2021-21236

CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service REDoS vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regula...

5.5CVSS6.9AI score
Exploits0References4
OSV
OSV
added 2021/01/06 5:15 p.m.1 views

DEBIAN-CVE-2021-21236

CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service REDoS vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regula...

5.5CVSS6.2AI score0.01466EPSS
Exploits1References1
NVD
NVD
added 2021/01/06 5:15 p.m.18 views

CVE-2021-21236

CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service REDoS vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regula...

5.7CVSS5.7AI score0.01466EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2021/01/06 5:15 p.m.5 views

buildbot-badges (>=1.7.0 <=1.8.2), cico (>=0.1.0 <=0.1.8) +9 more potentially affected by CVE-2021-21236 via cairosvg (>=0.5.0 <=2.5.0)

cairosvg PYPI version =0.5.0, =1.7.0, =0.1.0, =0.1.0, =2.11.0, =0.0.1, =1.0.0, =0.1.0, =1.0.0, =1.1.0 - wiking =2.2.1 Source cves: CVE-2021-21236 Source advisory: OSV:PYSEC-2021-5...

5.7CVSS6.6AI score0.01466EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2021/01/06 5:15 p.m.32 views

CVE-2021-21236

CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service REDoS vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regula...

5.7CVSS6.7AI score0.01466EPSS
Exploits1References6
PyPA
PyPA
added 2021/01/06 5:15 p.m.6 views

PYSEC-2021-5

CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service REDoS vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regula...

5.7CVSS6.7AI score0.01466EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/01/06 5:15 p.m.4 views

PYSEC-2021-5

CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service REDoS vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regula...

5.7CVSS6.7AI score0.01466EPSS
Exploits1References4
Prion
Prion
added 2021/01/06 5:15 p.m.22 views

Design/Logic Flaw

CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service REDoS vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regula...

4.3CVSS5.4AI score0.01466EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/01/06 5:15 p.m.1 views

UBUNTU-CVE-2021-21236

CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service REDoS vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regula...

5.7CVSS7.1AI score0.01466EPSS
Exploits1References7
Cvelist
Cvelist
added 2021/01/06 5:0 p.m.41 views

CVE-2021-21236 Regular Expression Denial of Service in CairoSVG

CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service REDoS vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regula...

5.7CVSS5.9AI score0.01466EPSS
Exploits1References4
CVE
CVE
added 2021/01/06 5:0 p.m.132 views

CVE-2021-21236

CVE-2021-21236 affects CairoSVG (Python) prior to 2.5.1, where two regular expressions enable a Regular Expression Denial of Service (REDoS) during SVG processing. An attacker could craft a malicious SVG to cause prolonged processing time, potentially impacting availability. The vulnerability is ...

5.7CVSS5.5AI score0.01466EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2021/01/06 5:0 p.m.28 views

CVE-2021-21236

CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service REDoS vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regula...

5.7CVSS5.7AI score0.01466EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2021/01/06 5:0 p.m.44 views

CVE-2021-21236

CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service REDoS vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regula...

5.7CVSS5.6AI score0.01466EPSS
Exploits1
OSV
OSV
added 2021/01/06 4:57 p.m.1 views

GHSA-HQ37-853P-G5CF Regular Expression Denial of Service in CairoSVG

Doyensec Vulnerability Advisory Regular Expression Denial of Service REDoS in cairosvg Affected Product: CairoSVG v2.0.0+ Vendor: https://github.com/Kozea Severity: Medium Vulnerability Class: Denial of Service Authors: Ben Caller Doyensec Summary When processing SVG files, the python package...

8.7CVSS6.6AI score0.01466EPSS
Exploits1References7
vulnersOsv
vulnersOsv
added 2021/01/06 4:57 p.m.6 views

buildbot-badges (>=1.7.0 <=1.8.2), cico (>=0.1.0 <=0.1.8) +9 more potentially affected by CVE-2021-21236 via cairosvg (>=0.5.0 <=2.5.0)

cairosvg PYPI version =0.5.0, =1.7.0, =0.1.0, =0.1.0, =2.11.0, =0.0.1, =1.0.0, =0.1.0, =1.0.0, =1.1.0 - wiking =2.2.1 Source cves: CVE-2021-21236 Source advisory: OSV:GHSA-HQ37-853P-G5CF...

5.7CVSS6.6AI score0.01466EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2021/01/06 4:57 p.m.56 views

Regular Expression Denial of Service in CairoSVG

Doyensec Vulnerability Advisory Regular Expression Denial of Service REDoS in cairosvg Affected Product: CairoSVG v2.0.0+ Vendor: https://github.com/Kozea Severity: Medium Vulnerability Class: Denial of Service Authors: Ben Caller Doyensec Summary When processing SVG files, the python package...

5.7CVSS0.01466EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder