5 matches found
MGASA-2023-0259 Updated librsvg packages fix security vulnerability
A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files on the local filesystem outside of the expected area, as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element. CVE-2023-3863...
openSUSE: Security Advisory for librsvg (openSUSE-SU-2018:1310-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Debian: Security Advisory (DSA-3584-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated librsvg packages fix security vulnerability
Out-of-bounds heap read in librsvg2 was found when parsing SVG file CVE-2015-7557. Stack exhaustion due to cyclic dependency causing to crash an application was found in librsvg2 while parsing SVG file CVE-2015-7558. The librsvg package has been updated to version 2.40.13, fixing these issues and...
The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the librsvg2-2.26.0 package for the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...