VDB

GCVE-VVD-MAGEIA-2020-159

GCVE-VVD-MAGEIA-2020-159
Advisory Published
Vulnetix · Advisory published July 31, 2020
The updated packages fix a security vulnerability: In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially. (CVE-2019-20446)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiaipset0 (affected), 7.6-1.mga7 (unaffected)
Mageialibrsvg0 (affected), 2.45.5-3.1.mga7 (unaffected), 0 (affected), 2.45.5-3.1.mga7 (unaffected)

Aliases

CVE-2019-20446

Transitive aliases

ALSA-2020:4709VVD-GENTOO-2020-710978GHSA-whvx-2m69-j66gEUVD-2019-10992BDU:2021-00123

References

Updated librsvg packages fix security vulnerability
advisory
Updated librsvg packages fix security vulnerability
issue
Updated librsvg packages fix security vulnerability
issue
Updated librsvg packages fix security vulnerability
issue
Updated ipset packages fix kernel compatibility
advisory
Updated ipset packages fix kernel compatibility
issue
Updated ipset packages fix kernel compatibility
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›