QwikSec

Security Database

CVE

CWE

Training

CVE-2019-20446

Published: Feb 2, 2020

Modified: Aug 5, 2024

PUBLISHED

Description

In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gitlab.gnome.org/GNOME/librsvg/issues/515

openSUSE-SU-2020:0343

vendor-advisory

FEDORA-2020-f6271d7afa

vendor-advisory

FEDORA-2020-39e0b8bd14

vendor-advisory

[debian-lts-announce] 20200722 [SECURITY] [DLA 2285-1] librsvg security update

mailing-list

vendor-advisory

https://security.netapp.com/advisory/ntap-20221111-0004/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.