Debian Librsvg vulnerabilities
10 known vulnerabilities affecting debian/librsvg.
Total CVEs: 10
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 4, MEDIUM 5, LOW 1
Vulnerabilities
CVE-2023-38633 | MEDIUM | CVSS 5.5 | fixed in librsvg 2.54.7+dfsg-1~deb12u1 (bookworm) | 2023
A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.
Scope: local
bookworm: resolved (fixed in 2.54.7+dfsg-1~deb12u1)
bullseye: resol
debian
CVE-2019-20446 | MEDIUM | CVSS 6.5 | fixed in librsvg 2.46.4-1 (bookworm) | 2019
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.
Scope: local
bookworm: resolved (fixed in 2.46.4-1)
bullseye: resolved (fixed in 2.46.4-1)
forky: resolved
debian
CVE-2018-1000041 | LOW | CVSS 8.8 | 2018
CVE-2018-1000041 [HIGH] CVE-2018-1000041: librsvg - GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea con...
GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains an improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appears to be exploitable via: the victim must process a specially crafted SVG file containing
debian
CVE-2017-11464 | HIGH | CVSS 7.8 | fixed in librsvg 2.40.18-1 (bookworm) | 2017
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
Scope: local
bookworm: resolved (fixed in 2.40.18-1)
bullseye: resolved (fixed in 2.40.18-1)
forky: resolved (fixed in 2.40.18-1)
sid: resolved (fixed in 2.40.18-1)
trixi
debian
CVE-2016-4348 | HIGH | CVSS 7.5 | fixed in librsvg 2.40.12-1 (bookworm) | 2016
The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.
Scope: local
bookworm: resolved (fixed in 2.40.12-1)
bullseye: resolved (fixed in 2.40.12-1)
forky: resolved (fixed in 2.40.12-1)
sid: resolved (fixed in 2.40
debian
CVE-2016-6163 | MEDIUM | CVSS 5.5 | fixed in librsvg 2.40.9-2 (bookworm) | 2016
The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SVG file.
Scope: local
bookworm: resolved (fixed in 2.40.9-2)
bullseye: resolved (fixed in 2.40.9-2)
forky: resolved (fixed in 2.40.9-2)
sid: resolved (fixed in 2.40.9-2)
trixie: resolved (fixed in 2
debian
CVE-2015-7557 | HIGH | CVSS 7.5 | fixed in librsvg 2.40.9-2 (bookworm) | 2015
The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document.
Scope: local
bookworm: resolved (fixed in 2.40.9-2)
bullseye: resolved (fixed in 2.40.9-2)
forky: resolved (fixed in 2.40.9-2)
debian
CVE-2015-7558 | HIGH | CVSS 7.5 | fixed in librsvg 2.40.12-1 (bookworm) | 2015
librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.
Scope: local
bookworm: resolved (fixed in 2.40.12-1)
bullseye: resolved (fixed in 2.40.12-1)
forky: resolved (fixed in 2.40.12-1)
sid: resolved (fixed in 2.40.12-1)
trixie: resolved (
debian
CVE-2013-1881 | MEDIUM | CVSS 4.3 | fixed in librsvg 2.40.0-1 (bookworm) | 2013
GNOME librsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Scope: local
bookworm: resolved (fixed in 2.40.0-1)
bullseye: resolved (fixed in 2.40.0-1)
forky: resolved (fixed in 2.40.0-1)
sid: resolved (f
debian
CVE-2011-3146 | MEDIUM | CVSS 6.8 | fixed in librsvg 2.34.1-1 (bookworm) | 2011
librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via an SVG file with a node whose element name starts with "fe", which is misidentified as an RsvgFilterPrimitive.
Scope: local
bookworm: resolved (fixed in 2.34
debian