librsvg2-bin Buffer Overflow Vulnerability in rsvg Conversion Tool

Vulnerability

A buffer overflow vulnerability has been identified in librsvg2-bin version 2.40.13. This vulnerability allows local attackers to cause a denial-of-service condition by processing malformed SVG files. The issue arises when crafted SVG input is supplied to the rsvg conversion tool, leading to a segmentation fault in the cairo image compositor.

Impact

Exploitation of this vulnerability causes a segmentation fault, leading to a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by running rsvg-convert with the crafted SVG file as input, which triggers the buffer overflow and causes a segmentation fault.

Added: Apr 29, 2026, 8:31 PM
Updated: Apr 29, 2026, 8:31 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 4.6
remediation: 0.0
relevance: 7.0
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.