JLSEC-2025-17 A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4

A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untruste...

PT-2018-14331 · Cairo +3 · Cairo +3

Name of the Vulnerable Software and Affected Versions: cairo versions prior to 1.15.14 Description: The issue arises from an out-of-bounds stack-memory write that occurs during the processing of a crafted document by WebKitGTK+, due to the interaction between functions in...