Msrc Azl3 Librsvg2 2.50.3-4 On Azure Linux 3.0 vulnerabilities

4 known vulnerabilities affecting msrc/azl3_librsvg2_2.50.3-4_on_azure_linux_3.0.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2

Vulnerabilities

Page 1 of 1
CVE-2022-24713HIGHCVSS 7.52022-03-08
CVE-2022-24713 [HIGH] CWE-1333 Regular expression denial of service in Rust's regex crate Regular expression denial of service in Rust's regex crate FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with
msrc
CVE-2022-23639HIGHCVSS 8.12022-02-08
CVE-2022-23639 [HIGH] CWE-362 Improper Restriction of Operations within the Bounds of a Memory Buffer and Race Condition in crossbeam-utils Improper Restriction of Operations within the Bounds of a Memory Buffer and Race Condition in crossbeam-utils FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment t
msrc
CVE-2021-38190CRITICALCVSS 9.82021-08-10
CVE-2021-38190 [CRITICAL] CWE-119 An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to the product of the row co An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to the product of the row count and column count. FAQ: Is Azure Linux the only Microsoft pro
msrc
CVE-2021-27378CRITICALCVSS 9.82021-02-09
CVE-2021-27378 [CRITICAL] CWE-131 An issue was discovered in the rand_core crate before 0.6.2 for Rust. Because read_u32_into and read_u64_into mishandle certain buffer-length checks a random number generator may be seeded with too li An issue was discovered in the rand_core crate before 0.6.2 for Rust. Because read_u32_into and read_u64_into mishandle certain buffer-length checks a random number generator may be seeded with too little data. FAQ: Is Azure Linux the only Microsoft product that i
msrc