CVE-2015-7557
HIGHlibrsvg < 2.40.6 - Denial of Service via Odd Coordinate Pair in SVG Document
Title source: llmDescription
The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document.
References (3)
Core 3
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/12/21/5
Vendor Advisory x_refsource_confirm
https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df
Vendor Advisory x_refsource_confirm
https://git.gnome.org/browse/librsvg/tree/NEWS
Scores
CVSS v3
7.5
EPSS
0.0052
EPSS Percentile
67.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (1)
gnome/librsvg
< 2.40.6
Published
May 20, 2016
Tracked Since
Feb 18, 2026