← back
CVE-2015-7557

CVE-2015-7557

EPSS 2.1%
The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8dfhttps://git.gnome.org/browse/librsvg/tree/NEWShttp://www.openwall.com/lists/oss-security/2015/12/21/5