Lucene search
K
GnomeLibcroco

5 matches found

CVE
CVE
added 2020/05/12 5:30 p.m.461 views

CVE-2020-12825

CVE-2020-12825 affects libcroco

7.1CVSS6.8AI score0.02319EPSS
CVE
CVE
added 2017/06/12 6:0 a.m.213 views

CVE-2017-8834

CVE-2017-8834 affects libcroco 0.6.12, via the cr_tknzr_parse_comment function in cr-tknzr.c, allowing remote denial of service (memory allocation error) through a crafted CSS file. Connected advisories (SUSE/SLE, openSUSE, RHEL, Ubuntu, Astra Linux) reference CVE-2017-8834 and related CVEs (e.g....

6.5CVSS6AI score0.03844EPSS
CVE
CVE
added 2017/06/12 6:0 a.m.213 views

CVE-2017-8871

CVE-2017-8871 affects libcroco (cr-parser.c: cr_parser_parse_selector_core) where a crafted CSS file can trigger an infinite loop and CPU exhaustion, leading to denial of service. The issue is in libcroco 0.6.12; multiple bulletins note the same root cause across distros (e.g., SUSE-SU-2020:1535-...

7.1CVSS6AI score0.12996EPSS
CVE
CVE
added 2017/04/19 3:0 p.m.188 views

CVE-2017-7961

The CVE-2017-7961 issue affects libcroco up to version 0.6.12 (cr-tknzr_parse_rgb in cr-tknzr.c). The function may exhibit undefined behavior by converting a double RGB component to a long, potentially enabling denial of service (application crash) or other impact via a crafted CSS file. This is ...

7.8CVSS7.8AI score0.01966EPSS
CVE
CVE
added 2017/04/19 3:0 p.m.186 views

CVE-2017-7960

CVE-2017-7960 affects libcroco 0.6.11 and 0.6.12. The vulnerability is triggered by a crafted CSS file through the cr-input_new_from_uri function in cr-input.c, leading to a heap-based buffer over-read and a potential denial of service. Connected advisories (e.g., Red Hat, Ubuntu, EulerOS/NASL en...

5.5CVSS5.6AI score0.02001EPSS