📄 CairoSVG Denial of Service

CairoSVG versions prior to 2.9.0 suffer from a recursive denial of service vulnerability. CVE-2026-31899: Exponential DoS via Recursive Element Amplification in CairoSVG Keywords: CVE-2026-31899, CairoSVG, exponential DoS, SVG bomb, recursive use element, denial of service, XML amplification,...

Fedora 44 : python-cairosvg (2026-448e26a9c8)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-448e26a9c8 advisory. Security fix for CVE-2026-31899: https://nvd.nist.gov/vuln/detail/CVE-2026-31899 / https://github.com/Kozea/CairoSVG/security/advisories/GHSA-f38f-5xpm-9r7c...

Updated python-cairosvg packages fix security vulnerability

CairoSVG vulnerable to Exponential DoS via recursive element amplification. CVE-2026-31899...

CVE-2026-31899 CairoSVG vulnerable to Exponential DoS via recursive <use> element amplification

CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to Kozea/CairoSVG has exponential denial of service via recursive element amplification in cairosvg/defs.py. This causes CPU exhaustion from a small input...

CVE-2022-42965 Exponential ReDoS in snowflake-connector-python leads to denial of service

An exponential ReDoS Regular Expression Denial of Service can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented getfiletransfertype method...