Lucene search

K
osvGoogleOSV:GHSA-J984-Q4QC-6QXF
HistoryMay 17, 2022 - 3:50 a.m.

librsvg DoS via Cyclic References

2022-05-1703:50:02
Google
osv.dev
10
librsvg
denial of service
infinite loop
stack consumption
application crash
svg document
security vulnerability
software

EPSS

0.003

Percentile

69.9%

librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.