Astra Linux – Vulnerability in Firefox

A use-after-free vulnerability was identified during testing, and it was traced to an outdated Cairo library. Updating the library resolved the issue, and it may have also addressed other unknown security vulnerabilities. This vulnerability affects Firefox versions earlier than 90...

Astra Linux – Vulnerability in Cairo

A flaw was discovered in cairo’s image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo’s image-compositor for example, by convincing a user to open a file in an application that uses cairo, or if an application uses cairo on...

openSUSE 16 Security Update : cairo (openSUSE-SU-2026:20697-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20697-1 advisory. This update for cairo fixes the following issue: - CVE-2025-50422: Poppler crash on malformed input bsc1247589. Tenable has extracted the preceding...

Security update for cairo (low)

openSUSE security update: security update for cairo ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20697-1 Rating: low References: bsc1247589 Cross-References: CVE-2025-50422 Affected Products: openSUSE Leap 16.0...

OPENSUSE-SU-2026:20697-1 Security update for cairo

This update for cairo fixes the following issue: - CVE-2025-50422: Poppler crash on malformed input bsc1247589...

SUSE-SU-2026:21583-1 Security update for cairo

This update for cairo fixes the following issue: - CVE-2025-50422: Poppler crash on malformed input bsc1247589...

SUSE-SU-2026:21573-1 Security update for cairo

This update for cairo fixes the following issue: - CVE-2025-50422: Poppler crash on malformed input bsc1247589...

CVE-2018-25305

librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to trigger a segmentation fault in the cairo image compositor...

CVE-2018-25305

librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to trigger a segmentation fault in the cairo image compositor...

CVE-2018-25305 librsvg2-bin 2.40.13 Buffer Overflow via Malformed SVG

librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to trigger a segmentation fault in the cairo image compositor...

CVE-2018-25305 librsvg2-bin 2.40.13 Buffer Overflow via Malformed SVG

librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to trigger a segmentation fault in the cairo image compositor...

EUVD-2018-21826

librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to trigger a segmentation fault in the cairo image compositor...

librsvg2-bin 安全漏洞

librsvg2-bin is a GNOME open-source command-line tool set that provides functions for rendering and converting SVG images. Version 2.40.13 of librsvg2-bin contains a security vulnerability. This vulnerability stems from a buffer overflow, which could allow local attackers to cause denial-of-servi...

PT-2026-35988

librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to trigger a segmentation fault in the cairo image compositor...

SmartContract-VulnHunter

🛡️ SmartContract VulnHunter The ultimate smart contract securi...

Ubuntu: Security Advisory (USN-8140-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-8140-1 cairo vulnerabilities

Alberto Garcia, Francisco Oca and Suleman Ali discovered that Cairo did not properly manage memory. An attacker could possibly use this issue to cause Cairo to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2017-9814 ...

gimp:2.8 security update

An update is available for module.pygtk2, module.python2-pycairo, python2-pycairo, pygobject2, module.pygobject2, module.gimp, gimp, pygtk2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

PT-2026-25586

Summary Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated report. This allowed JavaScript...

Linux Distros Unpatched Vulnerability : CVE-2026-31899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to Kozea/CairoSVG has exponential denial of service via recursive element amplificatio...