Librsvg Security Vulnerabilities and Issues — Librsvg CVE List

Lucene search

GnomeLibrsvg

10 matches found

CVE•added 2020/02/02 2:15 p.m.•337 views

CVE-2019-20446

In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.

6.5CVSS6.3AI score0.01495EPSS

CVE•added 2017/07/19 9:29 p.m.•139 views

CVE-2017-11464

A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.

7.8CVSS6.5AI score0.00267EPSS

CVE•added 2023/07/22 5:15 p.m.•101 views

CVE-2023-38633

A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.

5.5CVSS5.1AI score0.33554EPSS

CVE•added 2016/05/20 2:59 p.m.•74 views

CVE-2015-7558

librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.

7.5CVSS7.1AI score0.0121EPSS

CVE•added 2016/05/20 2:59 p.m.•65 views

CVE-2016-4348

The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.

7.5CVSS7.1AI score0.01919EPSS

CVE•added 2013/10/10 12:55 a.m.•55 views

CVE-2013-1881

GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

4.3CVSS6.5AI score0.07767EPSS

CVE•added 2016/05/20 2:59 p.m.•49 views

CVE-2015-7557

The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document.

7.5CVSS7.1AI score0.00605EPSS

CVE•added 2018/02/09 11:29 p.m.•47 views

CVE-2018-1000041

GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via...

8.8CVSS8.4AI score0.0048EPSS

CVE•added 2012/09/05 11:55 p.m.•44 views

CVE-2011-3146

librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as ...

6.8CVSS9.3AI score0.03439EPSS

CVE•added 2017/02/03 3:59 p.m.•44 views

CVE-2016-6163

The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.

5.5CVSS5.2AI score0.00434EPSS