CVE-2023-27586

EUVD-2023-0051
CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service. Version 2.7.0 disables CairoSVG's ability to access other files online by default.
SSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.9 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L
GitHub_MCNA
9.9 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
Affected Products (NVD)
VendorProductVersion
courtbouilloncairosvg
𝑥
< 2.7.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
cairosvg
bookworm
2.5.2-1.1+deb12u1
fixed
bullseye
2.5.0-1.1+deb11u2
fixed
bullseye (security)
2.5.0-1.1+deb11u1
fixed
buster
ignored
sid
2.7.1-1
fixed
trixie
2.7.1-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
cairosvg
bionic
needs-triage
focal
needs-triage
jammy
needs-triage
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needs-triage
oracular
needs-triage
trusty
ignored
xenial
needs-triage
Common Weakness Enumeration
References
https://github.com/Kozea/CairoSVG/commit/12d31c653c0254fa9d9853f66b04ea46e7397255
https://github.com/Kozea/CairoSVG/commit/33007d4af9195e2bfb2ff9af064c4c2d8e4b2b53
https://github.com/Kozea/CairoSVG/releases/tag/2.7.0
https://github.com/Kozea/CairoSVG/security/advisories/GHSA-rwmf-w63j-p7gv
https://github.com/Kozea/CairoSVG/commit/12d31c653c0254fa9d9853f66b04ea46e7397255
https://github.com/Kozea/CairoSVG/commit/33007d4af9195e2bfb2ff9af064c4c2d8e4b2b53
https://github.com/Kozea/CairoSVG/releases/tag/2.7.0
https://github.com/Kozea/CairoSVG/security/advisories/GHSA-rwmf-w63j-p7gv