CLSA-2026-1775652408 Fix CVE(s): CVE-2026-24484

SECURITY UPDATE: denial of service from multi-layer nested MVG to SVG conversion - debian/patches/CVE-2026-24484.patch: Add recursion-depth check for graphic-context and prevent excessive nested vector graphics that cause crashes or resource exhaustion due to unbounded recursion. -...

UBUNTU-CVE-2026-4016

A security vulnerability has been detected in GPAC 26.03-DEV. Affected by this vulnerability is the function svginprocess of the file src/filters/loadsvg.c of the component SVG Parser. The manipulation leads to out-of-bounds write. Local access is required to approach this attack. The exploit has...

GPAC 缓冲区错误漏洞

GPAC is an open-source multimedia framework developed by GPAC. The GPAC 26.03-DEV version contains a buffer error vulnerability, which stems from an out-of-bounds write operation in the function svinprocess of the SVG Parser component’s src/filters/loadsvg.c file...

CVE-2023-34151

A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to sizet in svg, mvg and other coders recurring bugs of CVE-2022-32546...

UBUNTU-CVE-2022-3957

A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svgparsepreserveaspectratio of the file scenegraph/svgattributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the...

GPAC 安全漏洞

GPAC is an open source multimedia framework. GPAC suffers from a security vulnerability that originates from an unknown function in the file scenegraph/svgattributes.c of the SVG Parser component, which can be exploited by an attacker to cause a memory leak by manipulating the...