CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L
EPSS
Percentile
38.6%
The CairoSVG SVG converter vulnerability is related to insufficient validation of user input during the
SVG file processing. Exploitation of the vulnerability could allow an attacker acting remotely,
access sensitive data located on a local network or send malicious requests to other servers from a vulnerable server.
requests to other servers from a vulnerable system.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | python3-cairosvg | < 2.7.0-1 | UNKNOWN |