CVE-2015-7557

Published: May 20, 2016Modified: May 6, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document.

Affected (1)

Products: Gnome: Librsvg

Gnome

1 product

Librsvg

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Gnome Librsvg	Up to 2.40.6

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (6)

http://www.openwall.com/lists/oss-security/2015/12/21/5

Source: secalert@redhat.com

https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df

Source: secalert@redhat.com

Vendor Advisory

https://git.gnome.org/browse/librsvg/tree/NEWS

Source: secalert@redhat.com

Vendor Advisory

http://www.openwall.com/lists/oss-security/2015/12/21/5

Source: af854a3a-2127-422b-91ae-364da2661108

https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://git.gnome.org/browse/librsvg/tree/NEWS

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.