16 matches found
JLSEC-2026-511
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially...
EUVD-2019-10992
Malware in sbrugna...
SUSE CVE-2019-20446
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially...
CentOS 8 : librsvg2 (CESA-2020:4709)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4709 advisory. - librsvg: Resource exhaustion via crafted SVG file with nested patterns CVE-2019-20446 Note that Nessus has not tested for this issue but has instead relied on...
librsvg: Resource exhaustion via crafted SVG file with nested patterns
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially...
Moderate: librsvg2 security update
The librsvg2 packages provide a Scalable Vector Graphics SVG library based on the libart library. Security Fixes: librsvg: Resource exhaustion via crafted SVG file with nested patterns CVE-2019-20446 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...
Ubuntu 16.04 LTS / 18.04 LTS : librsvg vulnerabilities (USN-4436-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4436-1 advisory. It was discovered that librsvg incorrectly handled parsing certain SVG files. A remote attacker could possibly use this issue to cause librsv...
USN-4436-1 librsvg vulnerabilities
It was discovered that librsvg incorrectly handled parsing certain SVG files. A remote attacker could possibly use this issue to cause librsvg to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2017-11464 It was discovered that librsvg incorrectly handled...
ALPINE-CVE-2019-20446
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially...
DEBIAN-CVE-2019-20446
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially...
CVE-2019-20446
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially...
UBUNTU-CVE-2019-20446
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially...
CVE-2019-20446
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially...
CVE-2019-20446
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially...
The vulnerability in the “soundlib/Snd_fx.cpp” file of the OpenMPT tracker software and the libopenmpt library for processing modular music allows a hacker to trigger a service failure.
The vulnerability in the “soundlib/Sndfx.cpp” file of the OpenMPT tracker software and the libopenmpt library for processing modular music is related to buffer overflows and reading beyond the maximum memory limit. Exploiting this vulnerability could allow a malicious actor to cause service...
PT-2020-5329 · Gnome +7 · Librsvg +7
Name of the Vulnerable Software and Affected Versions: librsvg versions prior to 2.46.2 Description: The issue is related to a denial of service caused by a crafted SVG file with nested patterns. This file, when processed by the library, can lead to an exponential growth in the number of final...