CVE-2016-4348

Published: May 20, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20160428 CVE requests: DoS in librsvg parsing SVGs with circular definitions

mailing-list

x_refsource_MLIST

https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2

x_refsource_CONFIRM

[oss-security] 20160430 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions

mailing-list

x_refsource_MLIST

DSA-3584

vendor-advisory

x_refsource_DEBIAN

openSUSE-SU-2016:1333

vendor-advisory

x_refsource_SUSE

[oss-security] 20160428 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions

mailing-list

x_refsource_MLIST

[oss-security] 20160511 Re: Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-4348

Description

Affected Products

References