Gnome Librsvg

10 CVEs affecting Gnome Librsvg. Latest disclosed: 2023-07-22. Critical: 0, High: 5.

Top CVEs affecting Gnome Librsvg
CVESeverityScorePublishedSummary
CVE-2018-1000041High8.82018-02-09GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in…
CVE-2017-11464High7.82017-07-19A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrec…
CVE-2016-4348High7.52016-05-20The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application…
CVE-2015-7558High7.52016-05-20librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic ref…
CVE-2015-7557High7.52016-05-20The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bound…
CVE-2019-20446Medium6.52020-02-02In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The at…
CVE-2023-38633Medium5.52023-07-22A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem…
CVE-2016-6163Medium5.52017-02-03The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via…
CVE-2013-18812013-10-10GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an…
CVE-2011-31462012-09-05librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dere…