2 matches found
Fedora 42 : python-cairosvg (2026-a2778fcae6)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-a2778fcae6 advisory. Security fix for CVE-2026-31899: https://nvd.nist.gov/vuln/detail/CVE-2026-31899 / https://github.com/Kozea/CairoSVG/security/advisories/GHSA-f38f-5xpm-9r7c...
CVE-2026-31899
CVE-2026-31899 affects CairoSVG, a SVG converter based on Cairo. The vulnerability is an exponential denial of service via recursive element amplification in cairosvg/defs.py, causing CPU exhaustion from small inputs. The CVSS v3.1 vector yields a base score of 7.5 (HIGH) with network attack vec...