Filtered by vendor Cairographics
Subscribe
Search
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-18064 | 1 Cairographics | 1 Cairo | 2021-03-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function). | |||||
| CVE-2017-7475 | 1 Cairographics | 1 Cairo | 2021-03-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash. | |||||
| CVE-2019-6462 | 1 Cairographics | 1 Cairo | 2021-03-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized. | |||||
| CVE-2019-6461 | 1 Cairographics | 1 Cairo | 2021-03-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c. | |||||
| CVE-2016-9082 | 1 Cairographics | 1 Cairo | 2019-04-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial of service (invalid pointer dereference) via a large svg file. | |||||
| CVE-2018-19876 | 1 Cairographics | 1 Cairo | 2019-01-31 | 4.3 MEDIUM | 6.5 MEDIUM |
| cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free(): invalid pointer" error. | |||||