26 matches found
CVE-2023-40032
libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 or later when processing untruste...
UBUNTU-CVE-2023-40032
libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 or later when processing untruste...
CVE-2023-40032
libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 or later when processing untruste...
CVE-2023-40032 Potential segfault due to NULL pointer dereference in libvips
libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 or later when processing untruste...
Cross-Site Scripting (XSS)
firefox is vulnerable to cross-site scripting. The vulnerability exists because the user input of SVG tags that referenced a same-origin document is not properly sanitized which allows an attacker to inject and execute arbitrary javascript...
Ssr Pages Builder 路径遍历漏洞
Ssr Pages is an Html page builder for Ssr server-side rendering. a path traversal vulnerability exists in Ssr Pages, which stems from a path traversal issue that can occur when untrusted input is provided to the svg attribute as an argument to the buildMessagePageOptions function, which can be...