Количество 8
Количество 8
BDU:2023-02149
Уязвимость SVG-конвертера CairoSVG, связанная с недостаточной проверкой поступающих запросов, позволяющая нарушителю осуществить SSRF-атаку или вызвать отказ в обслуживании
CVE-2023-27586
CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service. Version 2.7.0 disables CairoSVG's ability to access other files online by default.
CVE-2023-27586
CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service. Version 2.7.0 disables CairoSVG's ability to access other files online by default.
CVE-2023-27586
CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Pr ...
ROS-20230411-01
Уязвимость CairoSVG
GHSA-rwmf-w63j-p7gv
CairoSVG improperly processes SVG files loaded from external resources
openSUSE-SU-2023:0272-1
Security update for python-CairoSVG
openSUSE-SU-2023:0260-1
Security update for python-CairoSVG
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2023-02149 Уязвимость SVG-конвертера CairoSVG, связанная с недостаточной проверкой поступающих запросов, позволяющая нарушителю осуществить SSRF-атаку или вызвать отказ в обслуживании | CVSS3: 9.9 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-27586 CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service. Version 2.7.0 disables CairoSVG's ability to access other files online by default. | CVSS3: 9.9 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-27586 CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service. Version 2.7.0 disables CairoSVG's ability to access other files online by default. | CVSS3: 9.9 | 0% Низкий | больше 2 лет назад |
| CVE-2023-27586 CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Pr ... | CVSS3: 9.9 | 0% Низкий | больше 2 лет назад |
 | ROS-20230411-01 Уязвимость CairoSVG | CVSS3: 7.1 | 0% Низкий | больше 2 лет назад |
| GHSA-rwmf-w63j-p7gv CairoSVG improperly processes SVG files loaded from external resources | CVSS3: 9.9 | 0% Низкий | больше 2 лет назад |
 | openSUSE-SU-2023:0272-1 Security update for python-CairoSVG | около 2 лет назад | ||
| openSUSE-SU-2023:0260-1 Security update for python-CairoSVG | около 2 лет назад |
Уязвимостей на страницу