35 matches found
Astra Linux – Vulnerability in Cairo
A flaw was discovered in cairo’s image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo’s image-compositor for example, by convincing a user to open a file in an application that uses cairo, or if an application uses cairo on...
CVE-2018-25305 librsvg2-bin 2.40.13 Buffer Overflow via Malformed SVG
librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to trigger a segmentation fault in the cairo image compositor...
EUVD-2018-21826
librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to trigger a segmentation fault in the cairo image compositor...
PT-2026-35988
librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to trigger a segmentation fault in the cairo image compositor...
Advisory ROSA-SA-2025-3112
Software: cairo 1.15.12 OS: ROSA Virtualization 2.1 packageevrstring: cairo-1.15.12-6.rv3 CVE-ID: CVE-2020-35492 BDU-ID: 2021-03445 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the image-compositor.c component of the Cairo vector graphics library is related to a data stack buffer overflow...
Advisory ROSA-SA-2025-3111
Software: pixman 0.38.4 OS: ROSA Virtualization 2.1 packageevrstring: pixman-0.38.4-4.rv3 CVE-ID: CVE-2020-35492 BDU-ID: 2021-03445 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the image-compositor.c component of the Cairo vector graphics library is related to a data stack buffer overflow...
JLSEC-2025-17 A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4
A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untruste...
Cairo: Buffer Overflow Vulnerability
Background Cairo is a 2D vector graphics library with cross-device output support. Description An attacker with the ability to provide input to Cairo's image-compositor can cause a buffer overwrite. Impact Malicious input to Cairo's image-compositor can result in denial of service of the...
SUSE CVE-2016-3190
The fillxrgb32lerpopaquespans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a negative span length...
SUSE CVE-2020-35492
A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untruste...
cairo: libreoffice slideshow aborts with stack smashing in cairo's composite_boxes
A flaw was found in cairo's image-compositor.c. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input to cause a stack buffer...
Huawei EulerOS: Security Advisory for cairo (EulerOS-SA-2021-2871)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The vulnerability of the image-compositor.c component in the Cairo vector graphics library, related to buffer overflows in the data stack, allows attackers to access confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the image-compositor.c component in the Cairo vector graphics library is related to buffer overflows in the data stack. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures through a special...
Huawei EulerOS: Security Advisory for cairo (EulerOS-SA-2021-2017)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for cairo (EulerOS-SA-2021-2048)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : cairo (EulerOS-SA-2021-1977)
According to the version of the cairo packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to...
OESA-2021-1155 cairo security update
Security Fixes: A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for example, by convincing a user to open a file in an application using cairo, or if an application uses...
Out-of-Bounds Write
cairo is vulnerable to out-of-bound write. An attacker may exploit a malicious input file to cairo's image-compositor to cause a stack buffer overflow leading to an out-of-bounds write...
A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example by convincing a user to open a file in an application using cairo or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality integrity as well as system availability.
...
CVE-2020-35492
A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untruste...