agambier/libsvg2

agambier/libsvg2

Releases0

Stars24

C Library to parse and render SVG files.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-17332 ↗	Sep 22, 2018Saturday, 22 September 2018, 16:29	—	5 MEDIUM
An issue was discovered in libsvg2 through 2012-10-19. The svgGetNextPathField function in svg_string.c returns its input pointer in certain circumstances, which might result in a memory leak caused by wasteful malloc calls.
CVE-2018-17333 ↗	Sep 22, 2018Saturday, 22 September 2018, 16:29	—	7.5 HIGH
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in svgStringToLength in svg_types.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because sscanf is misused.
CVE-2018-17334 ↗	Sep 22, 2018Saturday, 22 September 2018, 16:29	—	7.5 HIGH
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because a strncpy copy limit is miscalculated.