CVE-2018-17334

EUVD-2018-9089
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because a strncpy copy limit is miscalculated.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
Affected Products (NVD)
VendorProductVersion
libsvg2_projectlibsvg2
𝑥
≤ 2012-10-19
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/agambier/libsvg2/issues/3
https://github.com/agambier/libsvg2/issues/3