Every CVE whose affected-product data names Gnome Librsvg, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2018-1000041 — CVSS 8.8 (high): GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in…
CVE-2017-11464 — CVSS 7.8 (high): A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file…
CVE-2016-4348 — CVSS 7.5 (high): The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack…
CVE-2015-7558 — CVSS 7.5 (high): librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application…
CVE-2015-7557 — CVSS 7.5 (high): The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of…
CVE-2011-3146 — CVSS 6.8 (medium): librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of…
CVE-2019-20446 — CVSS 6.5 (medium): In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library…
CVE-2023-38633 — CVSS 5.5 (medium): A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on…
CVE-2016-6163 — CVSS 5.5 (medium): The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service…
CVE-2013-1881 — CVSS 4.3 (medium): GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in…