VDB
GCVE-110-MAGEIA-2014-4
GCVE-110-MAGEIA-2014-4
Advisory Published
librsvg before version 2.39.0 allows remote attackers to read arbitrary files
via an XML document containing an external entity declaration in conjunction
with an entity reference (CVE-2013-1881).
gtk+3.0 has been patched to cope with the changes in SVG loading due to the
fix in librsvg.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | gtk+3.0 | 0 (affected), gtk+3.0-3.6.4-1.1.mga3 (unaffected), 0 (affected), gtk+3.0-3.6.4-1.1.mga3 (unaffected) | — |
| Mageia | librsvg | 0 (affected), 2.36.4-2.1.mga3 (unaffected), 2.36.4-2.1.mga3 (unaffected), 0 (affected) | — |
| Mageia | apache | 2.4.4-7.5.mga3 (unaffected), 0 (affected) | — |
Aliases
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.