Librsvg

librsvg

Vendor: Gnome • 10 CVEs

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-38633 3Debian FedoraprojectGnome 3Debian Linux FedoraLibrsvg Nov 21, 2024 Jul 22, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?.....Show more A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.Show less
CVE-2019-20446 6Canonical DebianFedoraproject+3 more 6Active Iq Unified Manager Debian LinuxFedora+3 more Nov 21, 2024 Feb 2, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of fina...Show more In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.Show less
CVE-2018-1000041 2Debian Gnome 2Debian Linux Librsvg Nov 21, 2024 Feb 9, 2018 N/A· v4 8.8 HIGH· v3 4.3 MEDIUM· v2 GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being l...Show more GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via The victim must process a specially crafted SVG file containing an UNC path on Windows.Show less
CVE-2017-11464 1Gnome 1Librsvg May 13, 2026 Jul 19, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
CVE-2016-6163 1Gnome 1Librsvg May 13, 2026 Feb 3, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.
CVE-2016-4348 3Debian GnomeOpensuse 4Debian Linux LeapLibrsvg+1 more May 6, 2026 May 20, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.
CVE-2015-7558 2Debian Gnome 2Debian Linux Librsvg May 6, 2026 May 20, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.
CVE-2015-7557 1Gnome 1Librsvg May 6, 2026 May 20, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pa...Show more The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document.Show less
CVE-2013-1881 1Gnome 1Librsvg Apr 29, 2026 Oct 10, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) is...Show more GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.Show less
CVE-2011-3146 1Gnome 1Librsvg Apr 29, 2026 Sep 5, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file w...Show more librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.Show less