Vulnerability in Gnome Librsvg

CVE-2011-3146

librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the…

EPSS: 0.044 (90.1th percentile) — read the EPSS interpretation.

Affected products

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2011-3146?
CVE-2011-3146 is a vulnerability in Gnome Librsvg. Published 2012-09-05.
Is CVE-2011-3146 known to be exploited?
8 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.