Download
| Alert*
oval:org.secpod.oval:def:602508
Gustavo Grieco discovered several flaws in the way librsvg, a SAX-based renderer library for SVG files, parses SVG files with circular definitions. A remote attacker can take advantage of these flaws to cause an application using the librsvg library to crash. oval:org.secpod.oval:def:2101657 The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file. oval:org.secpod.oval:def:2101653 librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document. |