QwikSec

Security Database

CVE

CWE

Training

CVE-2019-6245

Published: Jan 13, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. In the function agg::cell_aa::not_equal, dx is assigned to (x2 - x1). If dx >= dx_limit, which is (16384 << poly_subpixel_shift), this function will call itself recursively. There can be a situation where (x2 - x1) is always bigger than dx_limit during the recursion, leading to continual stack consumption.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[debian-lts-announce] 20190201 [SECURITY] [DLA 1656-1] agg security update

mailing-list

https://github.com/svgpp/svgpp/issues/70

[debian-lts-announce] 20211230 [SECURITY] [DLA 2872-1] agg security update

mailing-list

[debian-lts-announce] 20230401 [SECURITY] [DLA 3376-1] svgpp security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.