« List of all CVEs

CVE-2015-7557

Published: 5/20/2016 Last updated: 8/6/2024 Reserved: 9/29/2015

The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (1)

conf-librsvg2

Products affected (1)

Product Vendor Version
n/a n/a < 942c6f91ab8d82a41650e717940b4e577173762f

References (12)