Showing 1 - 5 of 5

CVE-2023-38633

Status Candidate

Overview

A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.

Related Files

Gentoo Linux Security Advisory 202408-14: Posted Aug 9, 2024; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202408-14 - A vulnerability has been discovered in Librsvg, which can lead to arbitrary file reads. Versions greater than or equal to 2.56.3 are affected.; tags | advisory, arbitrary; systems | linux, gentoo; advisories | CVE-2023-38633; SHA-256 | 92324873dba2c41929b6116688e034cbc0c2155503b10400adfd970854008a8c; Download | Favorite | View

Red Hat Security Advisory 2023-5081-01: Posted Sep 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5081-01 - The librsvg2 packages provide a Scalable Vector Graphics library based on the libart library.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-38633; SHA-256 | be077606ece797affcba6a1e94b75041357cbd16075d2aa33acef3e5b0f1075e; Download | Favorite | View

Red Hat Security Advisory 2023-4809-01: Posted Aug 29, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-4809-01 - The librsvg2 packages provide a Scalable Vector Graphics library based on the libart library.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-38633; SHA-256 | ef7a88fc0fa7989c6c00f67428fdf8c566429a803bbf2144ccb7f977abc6d0fc; Download | Favorite | View

Debian Security Advisory 5484-1: Posted Aug 28, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5484-1 - Zac Sims discovered a directory traversal in the URL decoder of librsvg, a SAX-based renderer library for SVG files, which could result in read of arbitrary files when processing a specially crafted SVG file with an include element.; tags | advisory, arbitrary; systems | linux, debian; advisories | CVE-2023-38633; SHA-256 | 68217fd1bf54af9f988610bfdb0f9312a6e81a903dfa057c272c6ded66b9df1d; Download | Favorite | View

Ubuntu Security Notice USN-6266-1: Posted Aug 1, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6266-1 - Zac Sims discovered that librsvg incorrectly handled decoding URLs. A remote attacker could possibly use this issue to read arbitrary files by using an include element.; tags | advisory, remote, arbitrary; systems | linux, ubuntu; advisories | CVE-2023-38633; SHA-256 | 06773e26613c1f6604d2287ee6c54aa9a6a94e09a0c9341148dd41b01d3a1f80; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 213 files
indoushka 118 files
Ubuntu 88 files
Gentoo 33 files
Debian 25 files
Jasper Nota 25 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,107)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,890)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,615)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,777)
UNIX (9,440)
UnixWare (187)
Windows (6,676)
Other

CVE-2023-38633

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems