Lucene search
+L

26 matches found

UbuntuCve
UbuntuCve
added 2023/09/11 7:15 p.m.22 views

CVE-2023-40032

libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 or later when processing untruste...

5.5CVSS6.8AI score0.00238EPSS
Exploits0References5
OSV
OSV
added 2023/09/11 7:15 p.m.6 views

UBUNTU-CVE-2023-40032

libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 or later when processing untruste...

5.5CVSS6.8AI score0.00238EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2023/09/11 6:34 p.m.44 views

CVE-2023-40032

libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 or later when processing untruste...

5.5CVSS6.3AI score0.00238EPSS
Exploits0
Cvelist
Cvelist
added 2023/09/11 6:34 p.m.36 views

CVE-2023-40032 Potential segfault due to NULL pointer dereference in libvips

libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 or later when processing untruste...

5.5CVSS5.7AI score0.00238EPSS
Exploits0References4
Veracode
Veracode
added 2022/06/30 9:53 p.m.27 views

Cross-Site Scripting (XSS)

firefox is vulnerable to cross-site scripting. The vulnerability exists because the user input of SVG tags that referenced a same-origin document is not properly sanitized which allows an attacker to inject and execute arbitrary javascript...

6.1CVSS7.8AI score0.00395EPSS
Exploits0References4Affected Software3
CNNVD
CNNVD
added 2022/03/01 12:0 a.m.7 views

Ssr Pages Builder 路径遍历漏洞

Ssr Pages is an Html page builder for Ssr server-side rendering. a path traversal vulnerability exists in Ssr Pages, which stems from a path traversal issue that can occur when untrusted input is provided to the svg attribute as an argument to the buildMessagePageOptions function, which can be...

7.6CVSS6.8AI score0.01113EPSS
Exploits0References4
Rows per page
Query Builder