{"api_version":"1","generated_at":"2026-04-20T04:41:45+00:00","cve":"CVE-2023-38633","urls":{"html":"https://cve.report/CVE-2023-38633","api":"https://cve.report/api/cve/CVE-2023-38633.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-38633","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-38633"},"summary":{"title":"CVE-2023-38633","description":"A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=\".?../../../../../../../../../../etc/passwd\" in an xi:include element.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2023-07-22 17:15:00","updated_at":"2024-01-24 16:41:00"},"problem_types":["CWE-22"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/422NTIHIEBRASIG2DWXYBH4ADYMHY626/","name":"FEDORA-2023-0873c38acd","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 37 Update: librsvg2-2.54.6-1.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://gitlab.gnome.org/GNOME/librsvg/-/issues/996","name":"https://gitlab.gnome.org/GNOME/librsvg/-/issues/996","refsource":"MISC","tags":[],"title":"CVE-2023-38633: Arbitrary file read when xinclude href has special characters (#996) · Issues · GNOME / librsvg · GitLab","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.debian.org/security/2023/dsa-5484","name":"DSA-5484","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-5484-1 librsvg","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://bugzilla.suse.com/show_bug.cgi?id=1213502","name":"https://bugzilla.suse.com/show_bug.cgi?id=1213502","refsource":"MISC","tags":[],"title":"1213502 – (CVE-2023-38633) VUL-0: CVE-2023-38633: librsvg: directory traversal in URI decoder","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2023/07/27/1","name":"[oss-security] 20230727 CVE-2023-38633 in librsvg: Arbitrary file read when xinclude href has special characters","refsource":"MLIST","tags":[],"title":"oss-security - CVE-2023-38633 in librsvg: Arbitrary file read when xinclude href has\n special characters","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://news.ycombinator.com/item?id=37415799","name":"https://news.ycombinator.com/item?id=37415799","refsource":"MISC","tags":[],"title":"When URL parsers disagree (CVE-2023-38633, librsvg) | Hacker News","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2023/Jul/43","name":"20230724 APPLE-SA-2023-07-24-1 Safari 16.6","refsource":"FULLDISC","tags":[],"title":"SecLists.Org Security Mailing List Archive","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/422NTIHIEBRASIG2DWXYBH4ADYMHY626/","name":"FEDORA-2023-0873c38acd","refsource":"","tags":[],"title":"[SECURITY] Fedora 37 Update: librsvg2-2.54.6-1.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20230831-0011/","name":"https://security.netapp.com/advisory/ntap-20230831-0011/","refsource":"CONFIRM","tags":[],"title":"CVE-2023-38633 GNOME Librsvg Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5BCXT5GW6RCL45ZUHUZR4CJG2BAFDVC/","name":"FEDORA-2023-fc79ee273d","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 38 Update: librsvg2-2.56.3-1.fc38 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2023/09/06/10","name":"[oss-security] 20230906 Re: CVE-2023-38633 in librsvg: Arbitrary file read when xinclude href has special characters","refsource":"MLIST","tags":[],"title":"oss-security - Re: CVE-2023-38633 in librsvg: Arbitrary file read\n when xinclude href has special characters","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.canva.dev/blog/engineering/when-url-parsers-disagree-cve-2023-38633/","name":"https://www.canva.dev/blog/engineering/when-url-parsers-disagree-cve-2023-38633/","refsource":"MISC","tags":[],"title":"When URL parsers disagree (CVE-2023-38633) - Canva Engineering Blog","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://gitlab.gnome.org/GNOME/librsvg/-/releases/2.56.3","name":"https://gitlab.gnome.org/GNOME/librsvg/-/releases/2.56.3","refsource":"CONFIRM","tags":[],"title":"2.56.3 - stable · GNOME / librsvg · GitLab","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5BCXT5GW6RCL45ZUHUZR4CJG2BAFDVC/","name":"FEDORA-2023-fc79ee273d","refsource":"","tags":[],"title":"[SECURITY] Fedora 38 Update: librsvg2-2.56.3-1.fc38 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-38633","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38633","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"38633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"38633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"12.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"38633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"37","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"38633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"38","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"38633","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"librsvg","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-38633","qid":"199630","title":"Ubuntu Security Notification for librsvg Vulnerability (USN-6266-1)"},{"cve":"CVE-2023-38633","qid":"284363","title":"Fedora Security Update for librsvg2 (FEDORA-2023-fc79ee273d)"},{"cve":"CVE-2023-38633","qid":"284414","title":"Fedora Security Update for librsvg2 (FEDORA-2023-0873c38acd)"},{"cve":"CVE-2023-38633","qid":"296105","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 63.157.1 Missing (CPUOCT2023)"},{"cve":"CVE-2023-38633","qid":"503197","title":"Alpine Linux Security Update for librsvg"},{"cve":"CVE-2023-38633","qid":"506110","title":"Alpine Linux Security Update for librsvg"},{"cve":"CVE-2023-38633","qid":"6000235","title":"Debian Security Update for librsvg (DSA 5484-1)"},{"cve":"CVE-2023-38633","qid":"673392","title":"EulerOS Security Update for librsvg2 (EulerOS-SA-2023-3012)"},{"cve":"CVE-2023-38633","qid":"673885","title":"EulerOS Security Update for librsvg2 (EulerOS-SA-2023-3035)"},{"cve":"CVE-2023-38633","qid":"754252","title":"SUSE Enterprise Linux Security Update for librsvg (SUSE-SU-2023:3208-1)"},{"cve":"CVE-2023-38633","qid":"941248","title":"AlmaLinux Security Update for librsvg2 (ALSA-2023:5081)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2023-38633","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=\".?../../../../../../../../../../etc/passwd\" in an xi:include element."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://gitlab.gnome.org/GNOME/librsvg/-/issues/996","refsource":"MISC","name":"https://gitlab.gnome.org/GNOME/librsvg/-/issues/996"},{"url":"https://bugzilla.suse.com/show_bug.cgi?id=1213502","refsource":"MISC","name":"https://bugzilla.suse.com/show_bug.cgi?id=1213502"},{"refsource":"CONFIRM","name":"https://gitlab.gnome.org/GNOME/librsvg/-/releases/2.56.3","url":"https://gitlab.gnome.org/GNOME/librsvg/-/releases/2.56.3"},{"refsource":"FULLDISC","name":"20230724 APPLE-SA-2023-07-24-1 Safari 16.6","url":"http://seclists.org/fulldisclosure/2023/Jul/43"},{"refsource":"MLIST","name":"[oss-security] 20230727 CVE-2023-38633 in librsvg: Arbitrary file read when xinclude href has special characters","url":"http://www.openwall.com/lists/oss-security/2023/07/27/1"},{"refsource":"FEDORA","name":"FEDORA-2023-fc79ee273d","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5BCXT5GW6RCL45ZUHUZR4CJG2BAFDVC/"},{"refsource":"FEDORA","name":"FEDORA-2023-0873c38acd","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/422NTIHIEBRASIG2DWXYBH4ADYMHY626/"},{"refsource":"DEBIAN","name":"DSA-5484","url":"https://www.debian.org/security/2023/dsa-5484"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20230831-0011/","url":"https://security.netapp.com/advisory/ntap-20230831-0011/"},{"refsource":"MLIST","name":"[oss-security] 20230906 Re: CVE-2023-38633 in librsvg: Arbitrary file read when xinclude href has special characters","url":"http://www.openwall.com/lists/oss-security/2023/09/06/10"},{"refsource":"MISC","name":"https://www.canva.dev/blog/engineering/when-url-parsers-disagree-cve-2023-38633/","url":"https://www.canva.dev/blog/engineering/when-url-parsers-disagree-cve-2023-38633/"},{"refsource":"MISC","name":"https://news.ycombinator.com/item?id=37415799","url":"https://news.ycombinator.com/item?id=37415799"}]}},"nvd":{"publishedDate":"2023-07-22 17:15:00","lastModifiedDate":"2024-01-24 16:41:00","problem_types":["CWE-22"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*","versionStartIncluding":"2.48.0","versionEndExcluding":"2.48.11","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*","versionStartIncluding":"2.50.0","versionEndExcluding":"2.50.8","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*","versionStartIncluding":"2.52.0","versionEndExcluding":"2.52.10","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*","versionStartIncluding":"2.54.0","versionEndExcluding":"2.54.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*","versionStartIncluding":"2.55.0","versionEndExcluding":"2.55.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*","versionStartIncluding":"2.56.0","versionEndExcluding":"2.56.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:gnome:librsvg:*:*:*:*:*:*:*:*","versionStartIncluding":"2.42.3","versionEndExcluding":"2.46.6","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}