exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2021-21236

около 5 лет назад

CairoSVG is a Python (pypi) package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service (REDoS) vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regular Expression Denial of Service (REDoS). If an attacker provides a malicious SVG, it can make cairosvg get stuck processing the file for a very long time. This is fixed in version 2.5.1. See Referenced GitHub advisory for more information.

CVSS3: 5.7

EPSS: Низкий

CVE-2021-21236

около 5 лет назад

CairoSVG is a Python (pypi) package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service (REDoS) vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regular Expression Denial of Service (REDoS). If an attacker provides a malicious SVG, it can make cairosvg get stuck processing the file for a very long time. This is fixed in version 2.5.1. See Referenced GitHub advisory for more information.

CVSS3: 5.7

EPSS: Низкий

CVE-2021-21236

около 5 лет назад

CairoSVG is a Python (pypi) package. CairoSVG is an SVG converter base ...

CVSS3: 5.7

EPSS: Низкий

GHSA-hq37-853p-g5cf

около 5 лет назад

Regular Expression Denial of Service in CairoSVG

CVSS3: 7.5

EPSS: Низкий

openSUSE-SU-2023:0272-1

больше 2 лет назад

Security update for python-CairoSVG

EPSS: Низкий

openSUSE-SU-2023:0260-1

больше 2 лет назад

Security update for python-CairoSVG

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2021-21236 CairoSVG is a Python (pypi) package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service (REDoS) vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regular Expression Denial of Service (REDoS). If an attacker provides a malicious SVG, it can make cairosvg get stuck processing the file for a very long time. This is fixed in version 2.5.1. See Referenced GitHub advisory for more information.	CVSS3: 5.7	0% Низкий	около 5 лет назад
CVE-2021-21236 CairoSVG is a Python (pypi) package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service (REDoS) vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regular Expression Denial of Service (REDoS). If an attacker provides a malicious SVG, it can make cairosvg get stuck processing the file for a very long time. This is fixed in version 2.5.1. See Referenced GitHub advisory for more information.	CVSS3: 5.7	0% Низкий	около 5 лет назад
CVE-2021-21236 CairoSVG is a Python (pypi) package. CairoSVG is an SVG converter base ...	CVSS3: 5.7	0% Низкий	около 5 лет назад
GHSA-hq37-853p-g5cf Regular Expression Denial of Service in CairoSVG	CVSS3: 7.5	0% Низкий	около 5 лет назад
openSUSE-SU-2023:0272-1 Security update for python-CairoSVG			больше 2 лет назад
openSUSE-SU-2023:0260-1 Security update for python-CairoSVG			больше 2 лет назад

Уязвимостей на страницу