CPE – GNOME librsvg 1.1.6

CPE Details

GNOME librsvg 1.1.6

Vendor

gnome

Product

librsvg

Version

1.1.6

Created

2012-09-17
21h40 +00:00

Modifié

2012-09-17
21h40 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:gnome:librsvg:1.1.6:::::::*

Informations

Vendor

gnome

Product

librsvg

Version

1.1.6

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2019-20446	2020-02-01 23h00 +00:00	In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.	6.5	Moyen
CVE-2018-1000041	2018-02-09 22h00 +00:00	GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via The victim must process a specially crafted SVG file containing an UNC path on Windows.	8.8	Haute
CVE-2015-7557	2016-05-20 12h00 +00:00	The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document.	7.5	Haute
CVE-2015-7558	2016-05-20 12h00 +00:00	librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.	7.5	Haute
CVE-2016-4348	2016-05-20 12h00 +00:00	The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.	7.5	Haute
CVE-2013-1881	2013-10-09 22h00 +00:00	GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.	4.3
CVE-2011-3146	2012-09-05 23h00 +00:00	librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.	6.8

GNOME librsvg 1.1.6

CPE Details

CPE Name: cpe:2.3:a:gnome:librsvg:1.1.6:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:gnome:librsvg:1.1.6:::::::*