CVE-2015-7557

Published: May 20, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20151221 CVE-2015-7557, CVE-2015-7558 librsvg2: Out-of-bounds heap read and stack exhaustion

mailing-list

x_refsource_MLIST

https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df

x_refsource_CONFIRM

https://git.gnome.org/browse/librsvg/tree/NEWS

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-7557

Description

Affected Products

References