Vulnerabilites related to gnome - librsvg
Vulnerability from fkie_nvd
Published
2017-02-03 15:59
Modified
2024-11-21 02:55
Severity ?
Summary
The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/07/04/3 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/07/05/9 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1353520 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/07/04/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/07/05/9 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1353520 | Issue Tracking, Patch |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnome:librsvg:2.40.2:*:*:*:*:*:*:*", matchCriteriaId: "206FD857-C1D7-4951-8EDA-18ECCF9959F5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.", }, { lang: "es", value: "La función rsvg_pattern_fix_fallback en rsvg-paint_server.c en librsvg2 2.40.2 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo svg manipulado.", }, ], id: "CVE-2016-6163", lastModified: "2024-11-21T02:55:34.940", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-02-03T15:59:00.493", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/07/04/3", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/07/05/9", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1353520", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/07/04/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/07/05/9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1353520", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-20 14:59
Modified
2024-11-21 02:36
Severity ?
Summary
The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "B972B1F9-8BAF-45C7-BEAB-3D04EE62E37B", versionEndIncluding: "2.40.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document.", }, { lang: "es", value: "La función _rsvg_node_poly_build_path en rsvg-shapes.c en librsvg en versiones anteriores a 2.40.7 permite a atacantes dependientes del contexto causar una denegación del servicio (lectura de memoria dinámica fuera de rango) a través de un número impar de elementos en un par coordinado en un documento SVG.", }, ], id: "CVE-2015-7557", lastModified: "2024-11-21T02:36:58.763", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-20T14:59:00.120", references: [ { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2015/12/21/5", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://git.gnome.org/browse/librsvg/tree/NEWS", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/12/21/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://git.gnome.org/browse/librsvg/tree/NEWS", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-20 14:59
Modified
2024-11-21 02:36
Severity ?
Summary
librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 8.0 | |
| gnome | librsvg | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "E946C8AF-F288-42B3-93DE-C52B5F8625C7", versionEndIncluding: "2.40.11", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.", }, { lang: "es", value: "librsvg en versiones anteriores a 2.40.12 permite a atacantes dependientes del contexto causar una denegación de servicio (bucle infinito, consumo de pila y caída de aplicación) a través de referencias cíclicas en un documento SVG.", }, ], id: "CVE-2015-7558", lastModified: "2024-11-21T02:36:58.870", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-20T14:59:01.120", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3584", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/12/21/5", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/04/30/3", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1268243", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3584", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2015/12/21/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/04/30/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1268243", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-07-19 21:29
Modified
2024-11-21 03:07
Severity ?
Summary
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnome:librsvg:2.40.17:*:*:*:*:*:*:*", matchCriteriaId: "87A5C854-983B-42B9-AF52-7D8F62549768", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.", }, { lang: "es", value: "Un SIGFPE se genera en la función box_blur_line del archivo rsvg-filter.c en GNOME librsvg versión 2.40.17 durante un intento de análisis de un archivo SVG creado, debido a la protección incorrecta contra la división por cero.", }, ], id: "CVE-2017-11464", lastModified: "2024-11-21T03:07:50.237", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-07-19T21:29:00.197", references: [ { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/99956", }, { source: "cve@mitre.org", tags: [ "Permissions Required", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=783835", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html", }, { source: "cve@mitre.org", url: "https://usn.ubuntu.com/4436-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/99956", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=783835", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://usn.ubuntu.com/4436-1/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-369", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-10-10 00:55
Modified
2024-11-21 01:50
Severity ?
Summary
GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "26304CB1-170F-4BB7-ACC4-2C41C7B0660B", versionEndIncluding: "2.37.0", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0AE8621C-7623-490B-9D21-811DF3F16449", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "CD6B4565-0EF5-4A51-A7AA-87A8DA10D5D7", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "BCDFC87F-C7BC-49C7-900F-B7AFC38F415D", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "0EBC2319-4523-4117-9576-DE4D46B641D4", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E601BF04-E60B-4934-AB7C-C9CBBD1C47EE", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "4DC8DCA5-B200-4D79-BD6B-2D16C08D532D", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "CE19C8F6-0376-4573-A6BA-BEB428EA4028", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "FCA33041-FFB6-4B1C-97B7-CED775F34F03", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:1.1.5:*:*:*:*:*:*:*", matchCriteriaId: "1744D33B-982B-4828-B32E-7CA16F4A7035", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:1.1.6:*:*:*:*:*:*:*", matchCriteriaId: "5C869BD4-C9CC-438F-B6B0-810124E9D088", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "266E38C8-F46A-45BA-BDCE-C2D3AFD1F430", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "E5D794A4-4CE4-47FE-9652-26609C5062AB", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "D73ECCB1-56AA-49D4-A8CA-2C25763E64E0", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.1.1:*:*:*:*:*:*:*", matchCriteriaId: "216AA4FD-69FE-4EB7-8158-F5A8E374FF15", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.1.2:*:*:*:*:*:*:*", matchCriteriaId: "C9F910E2-A2D7-4F80-97C4-56FB5CD8B4E0", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.1.3:*:*:*:*:*:*:*", matchCriteriaId: "1840D7DD-B432-4163-BB71-4823E3CDC85B", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.1.4:*:*:*:*:*:*:*", matchCriteriaId: "BD9E5A31-7893-457B-855D-7BB8CC87C7F2", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.1.5:*:*:*:*:*:*:*", matchCriteriaId: "B09E7A94-7787-403A-A27A-B9CCF9DF2665", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.2.0:*:*:*:*:*:*:*", matchCriteriaId: "6FDE362B-7533-4144-8A65-C3844E67679E", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.2.1:*:*:*:*:*:*:*", matchCriteriaId: "07C7CFCD-ABC5-48B9-B26A-CB0F6FC899E6", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.2.2:*:*:*:*:*:*:*", matchCriteriaId: "6B683DD7-EBCF-4177-89D9-3652814D060E", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.2.3:*:*:*:*:*:*:*", matchCriteriaId: "FF5F053B-D848-45D2-A146-1D03994DD71A", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.2.4:*:*:*:*:*:*:*", matchCriteriaId: "20B31AF4-CE09-4EBB-AD94-B0EC6C677923", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.2.5:*:*:*:*:*:*:*", matchCriteriaId: "9375B30F-4A96-4605-A681-D950D328768F", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.3.0:*:*:*:*:*:*:*", matchCriteriaId: "76299D97-DE2A-4903-9D9C-D2A046A11CDD", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.3.1:*:*:*:*:*:*:*", matchCriteriaId: "AA48437A-D16D-404C-A8C4-60F7AC13A920", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.11.0:*:*:*:*:*:*:*", matchCriteriaId: "E919CDC2-B700-4C07-BB78-EA222510BB54", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.11.1:*:*:*:*:*:*:*", matchCriteriaId: "31E73EAB-E963-4D45-8F35-27D11B0629F7", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.12.0:*:*:*:*:*:*:*", matchCriteriaId: "3430BCCC-1C58-4216-ACEF-96A6EAA0EEBD", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.12.1:*:*:*:*:*:*:*", matchCriteriaId: "363AF753-AC74-4864-9339-B1C538F5EDA8", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.12.2:*:*:*:*:*:*:*", matchCriteriaId: "DEAF665D-717D-4372-AE9D-9CBF5A17EB06", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.12.3:*:*:*:*:*:*:*", matchCriteriaId: "6EC683BC-EB87-4460-85CF-B63E1F92910A", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.12.4:*:*:*:*:*:*:*", matchCriteriaId: "7C006D30-AAC5-4754-ACF9-7497D04A9F16", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.12.5:*:*:*:*:*:*:*", matchCriteriaId: "E0A5FC53-E928-455C-A14F-E92DDCCA246B", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.12.6:*:*:*:*:*:*:*", matchCriteriaId: "2E070609-EF93-4D8F-9B84-1F2774D164BB", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.12.7:*:*:*:*:*:*:*", matchCriteriaId: "244ABB72-D70B-4A2F-9D9C-9D4C475C7196", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.13.0:*:*:*:*:*:*:*", matchCriteriaId: "65B06C1F-DB76-42B0-B0E5-63A99443B63E", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.13.1:*:*:*:*:*:*:*", matchCriteriaId: "547E3592-8406-4968-8C88-568A03427FCE", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.13.2:*:*:*:*:*:*:*", matchCriteriaId: "7FB71338-9C68-4175-A1A5-8CA553C622B8", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.13.3:*:*:*:*:*:*:*", matchCriteriaId: "A06E96E4-6C3C-4512-AA6A-9473D66078BA", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.13.4:*:*:*:*:*:*:*", matchCriteriaId: "1EF5B89F-6B83-42E4-B2F3-0DAD12EB3869", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.13.5:*:*:*:*:*:*:*", matchCriteriaId: "44F907B2-8725-4B4F-A8FB-011171BB3990", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.13.90:*:*:*:*:*:*:*", matchCriteriaId: "AACF0476-3E57-4F20-8C86-8B7DC2AB8308", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.13.91:*:*:*:*:*:*:*", matchCriteriaId: "09900C61-BD02-47A3-9984-7C1A6ADCACFF", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.13.92:*:*:*:*:*:*:*", matchCriteriaId: "8AFA0301-C1D6-419F-8E3D-DF754AD8F57B", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.13.93:*:*:*:*:*:*:*", matchCriteriaId: "40348F23-9272-4538-8EAD-E91D33724978", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.14.0:*:*:*:*:*:*:*", matchCriteriaId: "D1CF3682-8D71-492F-A0D9-D8FD45C91155", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.14.1:*:*:*:*:*:*:*", matchCriteriaId: "629A1196-F5FD-405A-8553-9F5DFE7CE877", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.14.2:*:*:*:*:*:*:*", matchCriteriaId: "7DA22214-85FC-4246-AA76-A64EEDDCA5FC", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.14.3:*:*:*:*:*:*:*", matchCriteriaId: "1CD34C2F-593E-4CE2-8D2E-1603E583A041", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.14.4:*:*:*:*:*:*:*", matchCriteriaId: "F18E6DF0-9BFF-4A80-8555-14247486D54A", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.15.0:*:*:*:*:*:*:*", matchCriteriaId: "795B9E0B-83EC-475B-A256-07D34B727F72", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.15.90:*:*:*:*:*:*:*", matchCriteriaId: "D6B1E760-8A04-463F-8A7B-ED7DF40409FA", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.16.0:*:*:*:*:*:*:*", matchCriteriaId: "3972F675-A33A-481E-B81C-F89391076A9E", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.16.1:*:*:*:*:*:*:*", matchCriteriaId: "CFAB1943-EF01-4701-B264-86438F255A26", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.18.0:*:*:*:*:*:*:*", matchCriteriaId: "172E415B-79D3-4C4D-9E40-39341F5A55F1", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.18.1:*:*:*:*:*:*:*", matchCriteriaId: "46AC7BB2-A0FF-44E0-B0DD-1D791E0D4675", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.18.2:*:*:*:*:*:*:*", matchCriteriaId: "5BAA1B43-0F64-4624-934A-AADEC07B722F", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.20.0:*:*:*:*:*:*:*", matchCriteriaId: "486D36E1-9E72-4745-87B4-7136213C2513", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.22.0:*:*:*:*:*:*:*", matchCriteriaId: "28AFE066-30F6-4363-85C0-979EF50F62B8", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.22.1:*:*:*:*:*:*:*", matchCriteriaId: "89343DD0-52FB-4FD7-BAA7-8CA1F3A22E7E", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.22.2:*:*:*:*:*:*:*", matchCriteriaId: "DE43462F-C349-4B9B-B584-3F809A424039", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.22.3:*:*:*:*:*:*:*", matchCriteriaId: "B9726FDA-07C1-4D00-B8D1-ED8DB2418B2C", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.26.0:*:*:*:*:*:*:*", matchCriteriaId: "C3F0F857-F413-4306-80F9-1E9774F2589B", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.26.1:*:*:*:*:*:*:*", matchCriteriaId: "6DCA0DDF-4DB0-4BE0-B8F6-D8D32242CCDC", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.26.2:*:*:*:*:*:*:*", matchCriteriaId: "BCA5D13A-310A-4E16-BFE8-E32E85A7ADE1", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.26.3:*:*:*:*:*:*:*", matchCriteriaId: "D9293893-2EC2-485C-9B18-CE83511E5676", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.31.0:*:*:*:*:*:*:*", matchCriteriaId: "B9D87757-8277-4B73-8ACD-D31B742964F7", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.32.0:*:*:*:*:*:*:*", matchCriteriaId: "31472960-B23C-44D5-913A-2DBFE4284FD6", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.32.1:*:*:*:*:*:*:*", matchCriteriaId: "5B059ACC-5FE7-4E98-8842-A7CF853C749E", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.34.0:*:*:*:*:*:*:*", matchCriteriaId: "9F2E0A2E-2B24-4A9E-A9A9-A50CE340B977", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.34.1:*:*:*:*:*:*:*", matchCriteriaId: "D6084AB6-9E7C-4F6C-B9F0-4CD1C334C208", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.34.2:*:*:*:*:*:*:*", matchCriteriaId: "E2048467-D0DD-4C35-BF7C-A1AD6733940D", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.35.0:*:*:*:*:*:*:*", matchCriteriaId: "D7127598-FAD7-498D-A358-70B61166CD19", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.35.1:*:*:*:*:*:*:*", matchCriteriaId: "90EC129F-DBC0-4252-956F-3EB743E9869D", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.35.2:*:*:*:*:*:*:*", matchCriteriaId: "90FCC66E-9706-46EE-B94E-5B4F190778FF", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.36.0:*:*:*:*:*:*:*", matchCriteriaId: "C6233ED5-D895-430B-92B9-96FE11B01862", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.36.1:*:*:*:*:*:*:*", matchCriteriaId: "072E0C9A-3976-4092-BE16-B3276878512A", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.36.2:*:*:*:*:*:*:*", matchCriteriaId: "8AD7F41B-8D57-49D8-8CB8-82FA1E4FCF79", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:2.36.3:*:*:*:*:*:*:*", matchCriteriaId: "1B6B4A79-CAA2-4FDB-92BB-F512A4C3B91D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.", }, { lang: "es", value: "GNOME libsvg anterior a 2.39.0 permite a atancates remotos leer archivos arbitrarios a través de documentos XML que contengan una declaración de entidad externa en conjunción con una entidad referencia, relacionada con un problema en XML External Entity (XXE).", }, ], id: "CVE-2013-1881", lastModified: "2024-11-21T01:50:34.717", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2013-10-10T00:55:03.773", references: [ { source: "secalert@redhat.com", url: "http://en.securitylab.ru/lab/PT-2013-01", }, { source: "secalert@redhat.com", url: "http://ftp.gnome.org/pub/GNOME/sources/librsvg/2.39/librsvg-2.39.0.changes", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00020.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2013-11/msg00114.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2014-0127.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/55088", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2149-1", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2149-2", }, { source: "secalert@redhat.com", url: "https://bugzilla.gnome.org/show_bug.cgi?id=691708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://en.securitylab.ru/lab/PT-2013-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ftp.gnome.org/pub/GNOME/sources/librsvg/2.39/librsvg-2.39.0.changes", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2013-11/msg00114.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2014-0127.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/55088", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2149-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2149-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.gnome.org/show_bug.cgi?id=691708", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-02-09 23:29
Modified
2024-11-21 03:39
Severity ?
Summary
GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via The victim must process a specially crafted SVG file containing an UNC path on Windows.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnome | librsvg | * | |
| debian | debian_linux | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "5D8CDD63-8FE9-403A-A16C-3A40CE88ECA8", versionEndExcluding: "2.41.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via The victim must process a specially crafted SVG file containing an UNC path on Windows.", }, { lang: "es", value: "GNOME librsvg, en versiones anteriores al commit con ID c6ddf2ed4d768fd88adbea2b63f575cd523022ea, contiene una vulnerabilidad de validación de entradas indebida en rsvg-io.c que puede resultar en que el hash del nombre de usuario de Windows y la contraseña NTLM de una víctima se filtren a atacantes remotos mediante SMB. El ataque parece ser explotable mediante una víctima que procese un archivo SVG especialmente manipulado que contenga una ruta UNC en Windows.", }, ], id: "CVE-2018-1000041", lastModified: "2024-11-21T03:39:30.220", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-02-09T23:29:01.260", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/GNOME/librsvg/commit/c6ddf2ed4d768fd88adbea2b63f575cd523022ea", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/ImageMagick/librsvg/commit/f9d69eadd2b16b00d1a1f9f286122123f8e547dd", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/02/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/GNOME/librsvg/commit/c6ddf2ed4d768fd88adbea2b63f575cd523022ea", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/ImageMagick/librsvg/commit/f9d69eadd2b16b00d1a1f9f286122123f8e547dd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/02/msg00013.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-07-22 17:15
Modified
2024-11-21 08:13
Severity ?
Summary
A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "E14FF525-44A3-4C87-8958-1B20852DFCEB", versionEndExcluding: "2.46.6", versionStartIncluding: "2.42.3", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "EB43F56A-0F8D-42C5-8DC1-0EE957AE9D8E", versionEndExcluding: "2.48.11", versionStartIncluding: "2.48.0", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "DC1D8EC3-E163-4AED-ACC3-74B2520CD21D", versionEndExcluding: "2.50.8", versionStartIncluding: "2.50.0", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "4262E2FD-02C5-47A0-A318-F3A080A3719B", versionEndExcluding: "2.52.10", versionStartIncluding: "2.52.0", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "9A353765-59DE-4581-B063-B5C127261F6E", versionEndExcluding: "2.54.6", versionStartIncluding: "2.54.0", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "8EE4893F-C118-48E2-B884-D560423D17F2", versionEndExcluding: "2.55.3", versionStartIncluding: "2.55.0", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "4B6589AD-7D57-46CB-BF8D-FF1D5BFB2D9D", versionEndExcluding: "2.56.3", versionStartIncluding: "2.56.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", matchCriteriaId: "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", matchCriteriaId: "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", matchCriteriaId: "46D69DCC-AE4D-4EA5-861C-D60951444C6C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=\".?../../../../../../../../../../etc/passwd\" in an xi:include element.", }, ], id: "CVE-2023-38633", lastModified: "2024-11-21T08:13:58.380", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-07-22T17:15:09.810", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Not Applicable", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2023/Jul/43", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/07/27/1", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2023/09/06/10", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1213502", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://gitlab.gnome.org/GNOME/librsvg/-/issues/996", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://gitlab.gnome.org/GNOME/librsvg/-/releases/2.56.3", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/422NTIHIEBRASIG2DWXYBH4ADYMHY626/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5BCXT5GW6RCL45ZUHUZR4CJG2BAFDVC/", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://news.ycombinator.com/item?id=37415799", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230831-0011/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "https://www.canva.dev/blog/engineering/when-url-parsers-disagree-cve-2023-38633/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5484", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Not Applicable", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2023/Jul/43", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/07/27/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2023/09/06/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1213502", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Vendor Advisory", ], url: "https://gitlab.gnome.org/GNOME/librsvg/-/issues/996", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://gitlab.gnome.org/GNOME/librsvg/-/releases/2.56.3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/422NTIHIEBRASIG2DWXYBH4ADYMHY626/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5BCXT5GW6RCL45ZUHUZR4CJG2BAFDVC/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://news.ycombinator.com/item?id=37415799", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230831-0011/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "https://www.canva.dev/blog/engineering/when-url-parsers-disagree-cve-2023-38633/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5484", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2012-09-05 23:55
Modified
2024-11-21 01:29
Severity ?
Summary
librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "FA1A15A4-6C74-4420-8B96-BD0D728F500A", versionEndIncluding: "2.34.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with \"fe,\" which is misidentified as a RsvgFilterPrimitive.", }, { lang: "es", value: "librsvg anterior a v2.34.1 utiliza el nombre de nodo para identificar el tipo de nodo, lo que permite a atacantes dependientes de contexto provocar una denegación de servicio (desreferencia puntero NULL) y posiblemente ejecutar código arbitrario a través de un archivo SVG con un nodo con el nombre del elemento de partida con \"fe\", que se confunde con un RsvgFilterPrimitive.", }, ], evaluatorComment: "Per: http://cwe.mitre.org/data/definitions/476.html\r\n\r\n'CWE-476 Null Pointer Dereference'\r\n", id: "CVE-2011-3146", lastModified: "2024-11-21T01:29:50.453", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2012-09-05T23:55:01.630", references: [ { source: "cve@mitre.org", url: "http://ftp.gnome.org/pub/GNOME/sources/librsvg/2.34/librsvg-2.34.1.news", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", ], url: "http://git.gnome.org/browse/librsvg/commit/?id=34c95743ca692ea0e44778e41a7c0a129363de84", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065730.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065739.html", }, { source: "cve@mitre.org", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066127.html", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2011-1289.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/45877", }, { source: "cve@mitre.org", url: "https://bugs.launchpad.net/ubuntu/+source/librsvg/+bug/825497", }, { source: "cve@mitre.org", url: "https://bugzilla.gnome.org/show_bug.cgi?id=658014", }, { source: "cve@mitre.org", url: "https://bugzilla.redhat.com/show_bug.cgi?id=734936", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ftp.gnome.org/pub/GNOME/sources/librsvg/2.34/librsvg-2.34.1.news", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "http://git.gnome.org/browse/librsvg/commit/?id=34c95743ca692ea0e44778e41a7c0a129363de84", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065730.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065739.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066127.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2011-1289.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/45877", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.launchpad.net/ubuntu/+source/librsvg/+bug/825497", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.gnome.org/show_bug.cgi?id=658014", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=734936", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-20 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "F0539DDC-D041-42BF-A158-6C7F53EF7394", versionEndIncluding: "2.40.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.", }, { lang: "es", value: "La función _rsvg_css_normalize_font_size en librsvg 2.40.2 permite a atacantes dependientes del contexto provocar una denegación del servicio (consumo de pila y caída de aplicación) a través de definiciones circulares en un documento SVG.", }, ], id: "CVE-2016-4348", lastModified: "2024-11-21T02:51:54.933", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-20T14:59:06.467", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2016-05/msg00079.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3584", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2016/04/28/4", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2016/04/28/7", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2016/04/30/3", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2016/05/10/15", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2016-05/msg00079.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3584", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2016/04/28/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2016/04/28/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2016/04/30/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2016/05/10/15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-02 14:15
Modified
2024-11-21 04:38
Severity ?
Summary
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnome | librsvg | * | |
| gnome | librsvg | * | |
| gnome | librsvg | * | |
| opensuse | leap | 15.1 | |
| fedoraproject | fedora | 30 | |
| fedoraproject | fedora | 31 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| netapp | active_iq_unified_manager | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "70B330DB-BF5F-4B46-9D8A-646B59FA28DE", versionEndExcluding: "2.40.21", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "22BF3558-A8F7-486E-B609-DFA8DB244CA8", versionEndExcluding: "2.42.8", versionStartIncluding: "2.42.0", vulnerable: true, }, { criteria: "cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*", matchCriteriaId: "BE2F4682-F60A-44D9-926A-7D81F3317C37", versionEndExcluding: "2.44.16", versionStartIncluding: "2.44.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.", }, { lang: "es", value: "En el archivo xml.rs en GNOME librsvg versiones anteriores a 2.46.2, un archivo SVG diseñado con patrones anidados puede causar una denegación de servicio cuando es pasado a la biblioteca para su procesamiento. El atacante construye elementos de patrón para que el número de objetos renderizados finales aumente exponencialmente.", }, ], id: "CVE-2019-20446", lastModified: "2024-11-21T04:38:30.303", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-02T14:15:10.523", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00024.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://gitlab.gnome.org/GNOME/librsvg/issues/515", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221111-0004/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4436-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://gitlab.gnome.org/GNOME/librsvg/issues/515", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221111-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4436-1/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2018-1000041
Vulnerability from cvelistv5
Published
2018-02-09 23:00
Modified
2024-08-05 12:33
Severity ?
EPSS score ?
Summary
GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via The victim must process a specially crafted SVG file containing an UNC path on Windows.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/ImageMagick/librsvg/commit/f9d69eadd2b16b00d1a1f9f286122123f8e547dd | x_refsource_CONFIRM | |
| https://github.com/GNOME/librsvg/commit/c6ddf2ed4d768fd88adbea2b63f575cd523022ea | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2018/02/msg00013.html | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T12:33:48.985Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/ImageMagick/librsvg/commit/f9d69eadd2b16b00d1a1f9f286122123f8e547dd", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/GNOME/librsvg/commit/c6ddf2ed4d768fd88adbea2b63f575cd523022ea", }, { name: "[debian-lts-announce] 20180212 [SECURITY] [DLA 1278-1] librsvg security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/02/msg00013.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], dateAssigned: "2018-01-11T00:00:00", datePublic: "2017-11-27T00:00:00", descriptions: [ { lang: "en", value: "GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via The victim must process a specially crafted SVG file containing an UNC path on Windows.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-02-13T10:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/ImageMagick/librsvg/commit/f9d69eadd2b16b00d1a1f9f286122123f8e547dd", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/GNOME/librsvg/commit/c6ddf2ed4d768fd88adbea2b63f575cd523022ea", }, { name: "[debian-lts-announce] 20180212 [SECURITY] [DLA 1278-1] librsvg security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/02/msg00013.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", DATE_ASSIGNED: "1/11/2018 14:07:39", ID: "CVE-2018-1000041", REQUESTER: "alexbirsan@intigriti.me", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via The victim must process a specially crafted SVG file containing an UNC path on Windows.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/ImageMagick/librsvg/commit/f9d69eadd2b16b00d1a1f9f286122123f8e547dd", refsource: "CONFIRM", url: "https://github.com/ImageMagick/librsvg/commit/f9d69eadd2b16b00d1a1f9f286122123f8e547dd", }, { name: "https://github.com/GNOME/librsvg/commit/c6ddf2ed4d768fd88adbea2b63f575cd523022ea", refsource: "CONFIRM", url: "https://github.com/GNOME/librsvg/commit/c6ddf2ed4d768fd88adbea2b63f575cd523022ea", }, { name: "[debian-lts-announce] 20180212 [SECURITY] [DLA 1278-1] librsvg security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/02/msg00013.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-1000041", datePublished: "2018-02-09T23:00:00", dateReserved: "2018-02-05T00:00:00", dateUpdated: "2024-08-05T12:33:48.985Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-7558
Vulnerability from cvelistv5
Published
2016-05-20 14:00
Modified
2024-08-06 07:51
Severity ?
EPSS score ?
Summary
librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2015/12/21/5 | mailing-list, x_refsource_MLIST | |
| https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2016/04/30/3 | mailing-list, x_refsource_MLIST | |
| http://www.debian.org/security/2016/dsa-3584 | vendor-advisory, x_refsource_DEBIAN | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1268243 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T07:51:28.587Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20151221 CVE-2015-7557, CVE-2015-7558 librsvg2: Out-of-bounds heap read and stack exhaustion", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/12/21/5", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61", }, { name: "[oss-security] 20160430 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/04/30/3", }, { name: "DSA-3584", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3584", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1268243", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-12-21T00:00:00", descriptions: [ { lang: "en", value: "librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-07-26T14:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20151221 CVE-2015-7557, CVE-2015-7558 librsvg2: Out-of-bounds heap read and stack exhaustion", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/12/21/5", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61", }, { name: "[oss-security] 20160430 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/04/30/3", }, { name: "DSA-3584", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3584", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1268243", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-7558", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20151221 CVE-2015-7557, CVE-2015-7558 librsvg2: Out-of-bounds heap read and stack exhaustion", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2015/12/21/5", }, { name: "https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61", refsource: "CONFIRM", url: "https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61", }, { name: "[oss-security] 20160430 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/04/30/3", }, { name: "DSA-3584", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3584", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1268243", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1268243", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-7558", datePublished: "2016-05-20T14:00:00", dateReserved: "2015-09-29T00:00:00", dateUpdated: "2024-08-06T07:51:28.587Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-1881
Vulnerability from cvelistv5
Published
2013-10-10 00:00
Modified
2024-08-06 15:20
Severity ?
EPSS score ?
Summary
GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://ftp.gnome.org/pub/GNOME/sources/librsvg/2.39/librsvg-2.39.0.changes | x_refsource_CONFIRM | |
| https://bugzilla.gnome.org/show_bug.cgi?id=691708 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/55088 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.ubuntu.com/usn/USN-2149-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://rhn.redhat.com/errata/RHSA-2014-0127.html | vendor-advisory, x_refsource_REDHAT | |
| http://en.securitylab.ru/lab/PT-2013-01 | x_refsource_MISC | |
| http://lists.opensuse.org/opensuse-updates/2013-11/msg00114.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00020.html | vendor-advisory, x_refsource_SUSE | |
| http://www.ubuntu.com/usn/USN-2149-2 | vendor-advisory, x_refsource_UBUNTU |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T15:20:36.945Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://ftp.gnome.org/pub/GNOME/sources/librsvg/2.39/librsvg-2.39.0.changes", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=691708", }, { name: "55088", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/55088", }, { name: "USN-2149-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2149-1", }, { name: "RHSA-2014:0127", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0127.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://en.securitylab.ru/lab/PT-2013-01", }, { name: "openSUSE-SU-2013:1786", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-11/msg00114.html", }, { name: "SUSE-SU-2015:1785", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00020.html", }, { name: "USN-2149-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2149-2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-01-14T00:00:00", descriptions: [ { lang: "en", value: "GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-06T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://ftp.gnome.org/pub/GNOME/sources/librsvg/2.39/librsvg-2.39.0.changes", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=691708", }, { name: "55088", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/55088", }, { name: "USN-2149-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2149-1", }, { name: "RHSA-2014:0127", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0127.html", }, { tags: [ "x_refsource_MISC", ], url: "http://en.securitylab.ru/lab/PT-2013-01", }, { name: "openSUSE-SU-2013:1786", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-11/msg00114.html", }, { name: "SUSE-SU-2015:1785", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00020.html", }, { name: "USN-2149-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2149-2", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2013-1881", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://ftp.gnome.org/pub/GNOME/sources/librsvg/2.39/librsvg-2.39.0.changes", refsource: "CONFIRM", url: "http://ftp.gnome.org/pub/GNOME/sources/librsvg/2.39/librsvg-2.39.0.changes", }, { name: "https://bugzilla.gnome.org/show_bug.cgi?id=691708", refsource: "CONFIRM", url: "https://bugzilla.gnome.org/show_bug.cgi?id=691708", }, { name: "55088", refsource: "SECUNIA", url: "http://secunia.com/advisories/55088", }, { name: "USN-2149-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2149-1", }, { name: "RHSA-2014:0127", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0127.html", }, { name: "http://en.securitylab.ru/lab/PT-2013-01", refsource: "MISC", url: "http://en.securitylab.ru/lab/PT-2013-01", }, { name: "openSUSE-SU-2013:1786", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-11/msg00114.html", }, { name: "SUSE-SU-2015:1785", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00020.html", }, { name: "USN-2149-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2149-2", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-1881", datePublished: "2013-10-10T00:00:00", dateReserved: "2013-02-19T00:00:00", dateUpdated: "2024-08-06T15:20:36.945Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-11464
Vulnerability from cvelistv5
Published
2017-07-19 21:00
Modified
2024-08-05 18:12
Severity ?
EPSS score ?
Summary
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.gnome.org/show_bug.cgi?id=783835 | x_refsource_CONFIRM | |
| https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/99956 | vdb-entry, x_refsource_BID | |
| https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/4436-1/ | vendor-advisory, x_refsource_UBUNTU |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T18:12:39.885Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=783835", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a", }, { name: "99956", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/99956", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a", }, { name: "[debian-lts-announce] 20200722 [SECURITY] [DLA 2285-1] librsvg security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html", }, { name: "USN-4436-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4436-1/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-07-19T00:00:00", descriptions: [ { lang: "en", value: "A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-28T21:06:20", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=783835", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a", }, { name: "99956", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/99956", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a", }, { name: "[debian-lts-announce] 20200722 [SECURITY] [DLA 2285-1] librsvg security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html", }, { name: "USN-4436-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4436-1/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-11464", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.gnome.org/show_bug.cgi?id=783835", refsource: "CONFIRM", url: "https://bugzilla.gnome.org/show_bug.cgi?id=783835", }, { name: "https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a", refsource: "CONFIRM", url: "https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a", }, { name: "99956", refsource: "BID", url: "http://www.securityfocus.com/bid/99956", }, { name: "https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a", refsource: "CONFIRM", url: "https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a", }, { name: "[debian-lts-announce] 20200722 [SECURITY] [DLA 2285-1] librsvg security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html", }, { name: "USN-4436-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4436-1/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-11464", datePublished: "2017-07-19T21:00:00", dateReserved: "2017-07-19T00:00:00", dateUpdated: "2024-08-05T18:12:39.885Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-6163
Vulnerability from cvelistv5
Published
2017-02-03 15:00
Modified
2024-08-06 01:22
Severity ?
EPSS score ?
Summary
The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2016/07/05/9 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2016/07/04/3 | mailing-list, x_refsource_MLIST | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1353520 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:22:20.549Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20160705 Re: Browsing and attaching images considered harmful in Linux", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/07/05/9", }, { name: "[oss-security] 20160704 Browsing and attaching images considered harmful in Linux", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/07/04/3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1353520", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-07-04T00:00:00", descriptions: [ { lang: "en", value: "The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-02-03T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20160705 Re: Browsing and attaching images considered harmful in Linux", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/07/05/9", }, { name: "[oss-security] 20160704 Browsing and attaching images considered harmful in Linux", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/07/04/3", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1353520", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-6163", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20160705 Re: Browsing and attaching images considered harmful in Linux", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/07/05/9", }, { name: "[oss-security] 20160704 Browsing and attaching images considered harmful in Linux", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/07/04/3", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1353520", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1353520", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-6163", datePublished: "2017-02-03T15:00:00", dateReserved: "2016-07-05T00:00:00", dateUpdated: "2024-08-06T01:22:20.549Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-4348
Vulnerability from cvelistv5
Published
2016-05-20 14:00
Modified
2024-08-06 00:25
Severity ?
EPSS score ?
Summary
The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2016/04/28/4 | mailing-list, x_refsource_MLIST | |
| https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2016/04/30/3 | mailing-list, x_refsource_MLIST | |
| http://www.debian.org/security/2016/dsa-3584 | vendor-advisory, x_refsource_DEBIAN | |
| http://lists.opensuse.org/opensuse-updates/2016-05/msg00079.html | vendor-advisory, x_refsource_SUSE | |
| http://www.openwall.com/lists/oss-security/2016/04/28/7 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2016/05/10/15 | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:25:14.473Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20160428 CVE requests: DoS in librsvg parsing SVGs with circular definitions", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/04/28/4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2", }, { name: "[oss-security] 20160430 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/04/30/3", }, { name: "DSA-3584", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3584", }, { name: "openSUSE-SU-2016:1333", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-05/msg00079.html", }, { name: "[oss-security] 20160428 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/04/28/7", }, { name: "[oss-security] 20160511 Re: Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/05/10/15", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-04-28T00:00:00", descriptions: [ { lang: "en", value: "The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-07-26T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20160428 CVE requests: DoS in librsvg parsing SVGs with circular definitions", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/04/28/4", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2", }, { name: "[oss-security] 20160430 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/04/30/3", }, { name: "DSA-3584", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3584", }, { name: "openSUSE-SU-2016:1333", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-05/msg00079.html", }, { name: "[oss-security] 20160428 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/04/28/7", }, { name: "[oss-security] 20160511 Re: Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/05/10/15", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-4348", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20160428 CVE requests: DoS in librsvg parsing SVGs with circular definitions", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/04/28/4", }, { name: "https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2", refsource: "CONFIRM", url: "https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2", }, { name: "[oss-security] 20160430 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/04/30/3", }, { name: "DSA-3584", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3584", }, { name: "openSUSE-SU-2016:1333", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2016-05/msg00079.html", }, { name: "[oss-security] 20160428 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/04/28/7", }, { name: "[oss-security] 20160511 Re: Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/05/10/15", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-4348", datePublished: "2016-05-20T14:00:00", dateReserved: "2016-04-28T00:00:00", dateUpdated: "2024-08-06T00:25:14.473Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-7557
Vulnerability from cvelistv5
Published
2016-05-20 14:00
Modified
2024-08-06 07:51
Severity ?
EPSS score ?
Summary
The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2015/12/21/5 | mailing-list, x_refsource_MLIST | |
| https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df | x_refsource_CONFIRM | |
| https://git.gnome.org/browse/librsvg/tree/NEWS | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T07:51:28.588Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20151221 CVE-2015-7557, CVE-2015-7558 librsvg2: Out-of-bounds heap read and stack exhaustion", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/12/21/5", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.gnome.org/browse/librsvg/tree/NEWS", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-12-21T00:00:00", descriptions: [ { lang: "en", value: "The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-05-20T14:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20151221 CVE-2015-7557, CVE-2015-7558 librsvg2: Out-of-bounds heap read and stack exhaustion", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/12/21/5", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.gnome.org/browse/librsvg/tree/NEWS", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-7557", datePublished: "2016-05-20T14:00:00", dateReserved: "2015-09-29T00:00:00", dateUpdated: "2024-08-06T07:51:28.588Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-20446
Vulnerability from cvelistv5
Published
2020-02-02 00:00
Modified
2024-08-05 02:39
Severity ?
EPSS score ?
Summary
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T02:39:09.924Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://gitlab.gnome.org/GNOME/librsvg/issues/515", }, { name: "openSUSE-SU-2020:0343", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00024.html", }, { name: "FEDORA-2020-f6271d7afa", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/", }, { name: "FEDORA-2020-39e0b8bd14", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/", }, { name: "[debian-lts-announce] 20200722 [SECURITY] [DLA 2285-1] librsvg security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html", }, { name: "USN-4436-1", tags: [ "vendor-advisory", "x_transferred", ], url: "https://usn.ubuntu.com/4436-1/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20221111-0004/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-11-14T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://gitlab.gnome.org/GNOME/librsvg/issues/515", }, { name: "openSUSE-SU-2020:0343", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00024.html", }, { name: "FEDORA-2020-f6271d7afa", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/", }, { name: "FEDORA-2020-39e0b8bd14", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/", }, { name: "[debian-lts-announce] 20200722 [SECURITY] [DLA 2285-1] librsvg security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html", }, { name: "USN-4436-1", tags: [ "vendor-advisory", ], url: "https://usn.ubuntu.com/4436-1/", }, { url: "https://security.netapp.com/advisory/ntap-20221111-0004/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-20446", datePublished: "2020-02-02T00:00:00", dateReserved: "2020-02-02T00:00:00", dateUpdated: "2024-08-05T02:39:09.924Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-38633
Vulnerability from cvelistv5
Published
2023-07-22 00:00
Modified
2024-08-02 17:46
Severity ?
EPSS score ?
Summary
A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:46:56.600Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://gitlab.gnome.org/GNOME/librsvg/-/issues/996", }, { tags: [ "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1213502", }, { tags: [ "x_transferred", ], url: "https://gitlab.gnome.org/GNOME/librsvg/-/releases/2.56.3", }, { name: "20230724 APPLE-SA-2023-07-24-1 Safari 16.6", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2023/Jul/43", }, { name: "[oss-security] 20230727 CVE-2023-38633 in librsvg: Arbitrary file read when xinclude href has special characters", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/07/27/1", }, { name: "FEDORA-2023-fc79ee273d", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5BCXT5GW6RCL45ZUHUZR4CJG2BAFDVC/", }, { name: "FEDORA-2023-0873c38acd", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/422NTIHIEBRASIG2DWXYBH4ADYMHY626/", }, { name: "DSA-5484", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5484", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230831-0011/", }, { name: "[oss-security] 20230906 Re: CVE-2023-38633 in librsvg: Arbitrary file read when xinclude href has special characters", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/09/06/10", }, { tags: [ "x_transferred", ], url: "https://www.canva.dev/blog/engineering/when-url-parsers-disagree-cve-2023-38633/", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=37415799", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=\".?../../../../../../../../../../etc/passwd\" in an xi:include element.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-09-07T13:58:15.660243", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://gitlab.gnome.org/GNOME/librsvg/-/issues/996", }, { url: "https://bugzilla.suse.com/show_bug.cgi?id=1213502", }, { url: "https://gitlab.gnome.org/GNOME/librsvg/-/releases/2.56.3", }, { name: "20230724 APPLE-SA-2023-07-24-1 Safari 16.6", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2023/Jul/43", }, { name: "[oss-security] 20230727 CVE-2023-38633 in librsvg: Arbitrary file read when xinclude href has special characters", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/07/27/1", }, { name: "FEDORA-2023-fc79ee273d", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5BCXT5GW6RCL45ZUHUZR4CJG2BAFDVC/", }, { name: "FEDORA-2023-0873c38acd", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/422NTIHIEBRASIG2DWXYBH4ADYMHY626/", }, { name: "DSA-5484", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5484", }, { url: "https://security.netapp.com/advisory/ntap-20230831-0011/", }, { name: "[oss-security] 20230906 Re: CVE-2023-38633 in librsvg: Arbitrary file read when xinclude href has special characters", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/09/06/10", }, { url: "https://www.canva.dev/blog/engineering/when-url-parsers-disagree-cve-2023-38633/", }, { url: "https://news.ycombinator.com/item?id=37415799", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-38633", datePublished: "2023-07-22T00:00:00", dateReserved: "2023-07-21T00:00:00", dateUpdated: "2024-08-02T17:46:56.600Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2011-3146
Vulnerability from cvelistv5
Published
2012-09-05 23:00
Modified
2024-09-16 23:46
Severity ?
EPSS score ?
Summary
librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.
References
| ▼ | URL | Tags |
|---|---|---|
| http://ftp.gnome.org/pub/GNOME/sources/librsvg/2.34/librsvg-2.34.1.news | x_refsource_CONFIRM | |
| http://secunia.com/advisories/45877 | third-party-advisory, x_refsource_SECUNIA | |
| https://bugs.launchpad.net/ubuntu/+source/librsvg/+bug/825497 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=734936 | x_refsource_MISC | |
| http://rhn.redhat.com/errata/RHSA-2011-1289.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.gnome.org/show_bug.cgi?id=658014 | x_refsource_CONFIRM | |
| http://git.gnome.org/browse/librsvg/commit/?id=34c95743ca692ea0e44778e41a7c0a129363de84 | x_refsource_CONFIRM | |
| http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065739.html | vendor-advisory, x_refsource_FEDORA | |
| http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066127.html | vendor-advisory, x_refsource_FEDORA | |
| http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065730.html | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T23:22:27.609Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://ftp.gnome.org/pub/GNOME/sources/librsvg/2.34/librsvg-2.34.1.news", }, { name: "45877", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/45877", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.launchpad.net/ubuntu/+source/librsvg/+bug/825497", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=734936", }, { name: "RHSA-2011:1289", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2011-1289.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=658014", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.gnome.org/browse/librsvg/commit/?id=34c95743ca692ea0e44778e41a7c0a129363de84", }, { name: "FEDORA-2011-12312", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065739.html", }, { name: "FEDORA-2011-12301", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066127.html", }, { name: "FEDORA-2011-12271", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065730.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with \"fe,\" which is misidentified as a RsvgFilterPrimitive.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2012-09-05T23:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://ftp.gnome.org/pub/GNOME/sources/librsvg/2.34/librsvg-2.34.1.news", }, { name: "45877", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/45877", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.launchpad.net/ubuntu/+source/librsvg/+bug/825497", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=734936", }, { name: "RHSA-2011:1289", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2011-1289.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=658014", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.gnome.org/browse/librsvg/commit/?id=34c95743ca692ea0e44778e41a7c0a129363de84", }, { name: "FEDORA-2011-12312", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065739.html", }, { name: "FEDORA-2011-12301", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066127.html", }, { name: "FEDORA-2011-12271", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065730.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2011-3146", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with \"fe,\" which is misidentified as a RsvgFilterPrimitive.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://ftp.gnome.org/pub/GNOME/sources/librsvg/2.34/librsvg-2.34.1.news", refsource: "CONFIRM", url: "http://ftp.gnome.org/pub/GNOME/sources/librsvg/2.34/librsvg-2.34.1.news", }, { name: "45877", refsource: "SECUNIA", url: "http://secunia.com/advisories/45877", }, { name: "https://bugs.launchpad.net/ubuntu/+source/librsvg/+bug/825497", refsource: "MISC", url: "https://bugs.launchpad.net/ubuntu/+source/librsvg/+bug/825497", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=734936", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=734936", }, { name: "RHSA-2011:1289", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2011-1289.html", }, { name: "https://bugzilla.gnome.org/show_bug.cgi?id=658014", refsource: "CONFIRM", url: "https://bugzilla.gnome.org/show_bug.cgi?id=658014", }, { name: "http://git.gnome.org/browse/librsvg/commit/?id=34c95743ca692ea0e44778e41a7c0a129363de84", refsource: "CONFIRM", url: "http://git.gnome.org/browse/librsvg/commit/?id=34c95743ca692ea0e44778e41a7c0a129363de84", }, { name: "FEDORA-2011-12312", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065739.html", }, { name: "FEDORA-2011-12301", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066127.html", }, { name: "FEDORA-2011-12271", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065730.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2011-3146", datePublished: "2012-09-05T23:00:00Z", dateReserved: "2011-08-16T00:00:00Z", dateUpdated: "2024-09-16T23:46:10.807Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }