VDB

GCVE-110-MAGEIA-2015-100

GCVE-110-MAGEIA-2015-100
Advisory Published
Vulnetix · Advisory published March 8, 2015
Atte Kettunen's fuzz testing found several vulnerabilities in librsvg: - Invalid memory access caused by incorrect handling of a pattern paint server with an xlink:href to a unexpected type (bgo#744299) - Infinite loop in the handling of gradients (bgo#738169) - Heap-buffer-overflow when there's a missing point in a point-list (bgo#738050) - Out of bounds memory access when clipping (bgo#703102) - Integer overflow in the convolution matrix filter code (commit 53c50c) - Fix double g_free() when processing stroke-dasharray (bgo#744688)

Affected Products

VendorProductVersionsPlatforms
Mageiaxfce4-places-plugin0 (affected), 1.6.0-4.1.mga5 (unaffected)
Mageialibrsvg2.39.0-1.2.mga4 (unaffected), 0 (affected), 0 (affected), 2.39.0-1.2.mga4 (unaffected)

Browse GCVE Records

72,096 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›