Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-6245

Опубликовано: 13 янв. 2019
Источник: debian
EPSS Низкий

Описание

An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. In the function agg::cell_aa::not_equal, dx is assigned to (x2 - x1). If dx >= dx_limit, which is (16384 << poly_subpixel_shift), this function will call itself recursively. There can be a situation where (x2 - x1) is always bigger than dx_limit during the recursion, leading to continual stack consumption.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
aggfixed1:2.4-r127+dfsg1-1package
svgppunfixedpackage

Примечания

  • https://github.com/svgpp/svgpp/issues/70

  • Fixed in src:agg with: https://sourceforge.net/p/agg/svn/119/

  • and possibly already fixed with the inclusion of 05-fix-recursion-crash.patch

  • in 2.5+dfsg1-3.

  • No security impact on svgpp, only used to build examples, see #921097

EPSS

Процентиль: 65%
0.00502
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2019-6245

CVSS3: 8.8
ubuntu
около 7 лет назад

An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. In the function agg::cell_aa::not_equal, dx is assigned to (x2 - x1). If dx >= dx_limit, which is (16384 << poly_subpixel_shift), this function will call itself recursively. There can be a situation where (x2 - x1) is always bigger than dx_limit during the recursion, leading to continual stack consumption.

nvd логотип

CVE-2019-6245

CVSS3: 8.8
nvd
около 7 лет назад

An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. In the function agg::cell_aa::not_equal, dx is assigned to (x2 - x1). If dx >= dx_limit, which is (16384 << poly_subpixel_shift), this function will call itself recursively. There can be a situation where (x2 - x1) is always bigger than dx_limit during the recursion, leading to continual stack consumption.

github логотип

GHSA-pq7q-m4p8-r3wp

CVSS3: 8.8
github
больше 3 лет назад

An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. In the function agg::cell_aa::not_equal, dx is assigned to (x2 - x1). If dx >= dx_limit, which is (16384 << poly_subpixel_shift), this function will call itself recursively. There can be a situation where (x2 - x1) is always bigger than dx_limit during the recursion, leading to continual stack consumption.

EPSS

Процентиль: 65%
0.00502
Низкий