15 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-7558
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic...
RHEL 5 : librsvg2 (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - librsvg: SIGFPE is raised in boxblurline function of rsvg-filter.c (CVE-2017-11464) - The...
Debian: Security Advisory (DLA-477-1)
The remote host is missing an update for the Debian...
SUSE CVE-2016-4347
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-7558. Reason: This candidate is a reservation duplicate of CVE-2015-7558. Notes: All CVE users should reference CVE-2015-7558 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental...
Huawei EulerOS: Security Advisory for librsvg2 (EulerOS-SA-2019-2493)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP3 : librsvg2 (EulerOS-SA-2019-2614)
According to the versions of the librsvg2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash)...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-7558. Reason: This candidate is a reservation duplicate of CVE-2015-7558. Notes: All CVE users should reference CVE-2015-7558 instead of this candidate. All references and descriptions in this candidate have been removed to...
UBUNTU-CVE-2016-4347
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-7558. Reason: This candidate is a reservation duplicate of CVE-2015-7558. Notes: All CVE users should reference CVE-2015-7558 instead of this candidate. All references and descriptions in this candidate have been removed to...
CVE-2015-7558
librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document...
CVE-2015-7558
CVE-2015-7558 affects librsvg (up to version 2.40.12). The vulnerability arises from cyclic references in SVG documents, allowing context-dependent attackers to cause a denial of service via infinite loops, stack consumption, and application crash. The issue is rooted in librsvg’s SVG processing;...
[SECURITY] [DSA 3584-1] librsvg security update
Debian Security Advisory DSA-3584-1, https://www.debian.org/security/, Salvatore Bonaccorso, May 19, 2016, https://www.debian.org/security/faq ...
Debian Security Advisory DSA 3584-1 (librsvg - security update)
Gustavo Grieco discovered several flaws in the way librsvg, a SAX-based renderer library for SVG files, parses SVG files with circular definitions. A remote attacker can take advantage of these flaws to cause an application using the librsvg library to crash...
[SECURITY] [DLA 477-1] librsvg security update
Package: librsvg. Version: 2.36.1-2+deb7u2. CVE ID: CVE-2015-7558 CVE-2016-4347 CVE-2016-4348. Note: CVE-2016-4347 is a duplicate of CVE-2015-7558. Two DoS in librsvg 2.40.2 parsing SVGs with circular definitions were found (they will produce stack exhaustion) by Gustavo Grieco. The version in wheezy...
Updated librsvg packages fix security vulnerability
Out-of-bounds heap read in librsvg2 was found when parsing SVG file (CVE-2015-7557). Stack exhaustion due to cyclic dependency causing to crash an application was found in librsvg2 while parsing SVG file (CVE-2015-7558). The librsvg package has been updated to version 2.40.13, fixing these issues and...
FreeBSD : librsvg2 -- denial of service vulnerability (d6c51737-a84b-11e5-8f5c-002590263bf5)
Adam Maris, Red Hat Product Security, reports: CVE-2015-7558: Stack exhaustion due to cyclic dependency causing to crash an application was found in librsvg2 while parsing SVG file. It has been fixed in 2.40.12 by many commits that have rewritten the checks for cyclic references...