Vulnerability in Gnome Librsvg
CVE-2011-3146
librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the…
EPSS: 0.044 (90.1th percentile) — read the EPSS interpretation.
Affected products
- Gnome Librsvg
- N/a — versions n/a
Public proof-of-concept exploits
References
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (x_refsource_CONFIRM, Exploit, Patch)
- cve@mitre.org (vendor-advisory, x_refsource_FEDORA)
- cve@mitre.org (vendor-advisory, x_refsource_FEDORA)
- cve@mitre.org (vendor-advisory, x_refsource_FEDORA)
Frequently asked questions
- What is CVE-2011-3146?
- CVE-2011-3146 is a vulnerability in Gnome Librsvg. Published 2012-09-05.
- Is CVE-2011-3146 known to be exploited?
- 8 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.