VYPR

rpm package

suse/cairo&distro=SUSE Linux Enterprise Desktop 12 SP2

pkg:rpm/suse/cairo&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2

Vulnerabilities (2)

  • CVE-2017-7475MedMay 19, 2017
    affected < 1.15.2-24.1fixed 1.15.2-24.1

    Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.

  • CVE-2016-9082MedFeb 3, 2017
    affected < 1.15.2-24.1fixed 1.15.2-24.1

    Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial of service (invalid pointer dereference) via a large svg file.