Vulnerability Details : CVE-2016-4348
The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.
Vulnerability category: Input validationDenial of service
Products affected by CVE-2016-4348
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-4348
1.66%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 87 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-4348
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2016-4348
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-4348
-
http://lists.opensuse.org/opensuse-updates/2016-05/msg00079.html
openSUSE-SU-2016:1333-1: moderate: Security update for librsvgThird Party Advisory
-
http://www.openwall.com/lists/oss-security/2016/04/28/7
oss-security - Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions
-
http://www.openwall.com/lists/oss-security/2016/05/10/15
oss-security - Re: Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions
-
http://www.openwall.com/lists/oss-security/2016/04/30/3
oss-security - Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions
-
http://www.openwall.com/lists/oss-security/2016/04/28/4
oss-security - CVE requests: DoS in librsvg parsing SVGs with circular definitions
-
http://www.debian.org/security/2016/dsa-3584
Debian -- Security Information -- DSA-3584-1 librsvgThird Party Advisory
-
https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2
state: Store mask as reference (d1c91919) · Commits · GNOME / librsvg · GitLabVendor Advisory
Jump to