Courtbouillon Cairosvg — known CVE vulnerabilities
Every CVE whose affected-product data names Courtbouillon Cairosvg, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-27586 — CVSS 9.9 (critical): CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when…
CVE-2026-31899 — CVSS 7.5 (high): CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to Kozea/CairoSVG has exponential denial of service via recursive…
CVE-2021-21236 — CVSS 5.7 (medium): CairoSVG is a Python (pypi) package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular…