Download
| Alert*
|
oval:org.secpod.oval:def:2105089
GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim"s Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via ... oval:org.secpod.oval:def:89002516 This update for librsvg fixes the following issues: - CVE-2018-1000041: Input validation issue could lead to credentials leak. Update to version 2.40.20: + Except for emergencies, this will be the LAST RELEASE of the librsvg-2.40.x series. We are moving to 2.41, which is vastly improved over the 2. ... |
