VYPR
Medium severity5.5NVD Advisory· Published Jan 18, 2013· Updated Jun 16, 2026

CVE-2012-5656

CVE-2012-5656

Description

The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

12
  • Inkscape/Inkscape2 versions
    cpe:2.3:a:inkscape:inkscape:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:inkscape:inkscape:*:*:*:*:*:*:*:*range: <0.48.4
    • (no CPE)range: <0.48.4
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 3 more
    • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*
    • cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
    • cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
  • OpenSUSE/openSUSE3 versions
    cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.