cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.
Max CVSS
7.5
EPSS Score
0.53%
Published
2017-07-17
Updated
2021-03-04
Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial of service (invalid pointer dereference) via a large svg file.
Max CVSS
5.5
EPSS Score
0.63%
Published
2017-02-03
Updated
2019-04-02
The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a negative span length.
Max CVSS
7.5
EPSS Score
0.98%
Published
2016-04-21
Updated
2018-10-30
The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a large string.
Max CVSS
5.0
EPSS Score
0.81%
Published
2014-07-29
Updated
2014-07-30
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!